Tag: program


  • There are a growing number of application security-related conversations – conversations around paralyzing breaches, increasing regulations, and risky open source code. Many of these conversations occur in small groups, resulting in action items for stakeholders who are often not involved in the conversation. How can those conversations include the voices of all the different stakeholders […]

  • The application security space is a complicated environment with a vast landscape of roles, development methodologies, and tech stacks. Developers, security leads, risk analysts, Scrum masters, vendor managers, operations teams, and system architects are all on the scene, just to name a few. If we compare the land of AppSec to the agriculture industry, your […]

  • While cybersecurity risk is steadily growing, so too is the recognition that application security (AppSec) is critical to protecting valuable enterprise resources. More than ever, ensuring that you have a program that spans the entire SDLC is critical to preventing breaches into your organization and customer data. Just as it is important to inventory and […]

  • It’s best practice to kick off your AppSec initiative by starting small, scanning your most business-critical apps, and addressing the most severe flaws. But it’s also best practice to scale your program to eventually cover your entire app landscape, and all flaws. Why? First, because you can be breached through non-critical apps; JP Morgan was […]