Not All AppSec Scanning Is Created Equal
You no doubt know the phrase, “if you don’t have anything nice to say, don’t say anything at all.” A better take ..
The Role of Threat Hunting in Modern Security
Security and IT teams may be loath to admit it, but security has historically been mostly a reactive affair. Security engineers monitored ..
Ensure Cloud Security With These Key Metrics
Over the past decade, the way we build and deploy applications has changed dramatically. The explosion of public cloud providers enables ..
Why Developers Use Open Source in Their Projects – and How to Manage the Risks
If you’re a developer, incorporating open source code into your project is like ordering a meal kit instead of cooking from scratch. It saves ..
Open Source Is Everywhere – Even Your Codebase
In his 2011 article for The Wall Street Journal, Marc Andreessen wrote that “software is eating the world.” This, he explained, is because ..
What Developers Need From Secure Coding Training
Developers are eager for knowledge, especially when it comes to learning how to write secure-by-design code. However, they lack the necessary ..
Developer Training in the Context of Regulatory Compliance
Many regulatory frameworks require developers to be educated about security. The most recent version of the PCI DSS standard, for example, ..
Privacy By Design
Privacy is an important feature in today’s software, and DevOps teams should be focused on it. Privacy by Design, Privacy Enhancing ..
Azure Monitor vs. AWS CloudWatch
Cloud computing is an incredible asset to new and seasoned companies alike. With pricing and infrastructure that can accommodate any demand, ..
Parity, Kubernetes and Cloud-Native Security
Parity may not be on many folks’ lists of hot IT buzzwords. But perhaps it should be. If you want to improve application quality while also strengthening security, striving for parity is a simple but effective way to do it.