Collaborate Disseminate
A benchmarking study by the NSA Center for Assured Software found that the average SAST tool covers only 8 out of 13 weakness classes and finds only 22 percent of flaws in each weakness class. Based on these numbers, the average SAST tool is likely to … Continue reading The Evolution of Security Testing
DevSecOps is the expansion of DevOps that includes security professionals as well. The idea is for everyone to be looking at the code together, rather than in silos. This will produce the most robust and resilient software with the least amount of time… Continue reading The Move Toward Continuous Testing
The acceleration of application development has shown no sign of stopping. As a result, we’re seeing increasingly complex, interconnected software. These forces are driving organizations to go beyond merely identifying common security errors or protect… Continue reading A Guide To Automated Continuous Security Testing
The acceleration of application development has shown no sign of stopping. As a result, we’re seeing increasingly complex, interconnected software. These forces are driving organizations to go beyond merely identifying common security errors or protect… Continue reading A Guide To Automated Continuous Security Testing
The To All The Tools I’ve Loved Before series reaffirmed that there’s true love still out there. How are Your Apps and Mayhem doing you ask? Find out in this sequel and final installment.
The post P.S. I Love You: The One (Mayhem) appeared first on Sec… Continue reading P.S. I Love You: The One (Mayhem)
This framework is a model for framing the way you evaluate the economic return of investing in fuzz testing or other comparable solutions. Organizations can also use this framework to help predict which fuzz testing solutions will offer the most value … Continue reading Fuzz Testing ROI Framework
If you haven’t given much thought on what holiday gift to get the fuzzing pro in your life, fear not! Here is a gift guide inspired by the needs and wants of ForAllSecure’s very own security experts.
The post 18 Gifts for the Fuzzing Pro in Your Life a… Continue reading 18 Gifts for the Fuzzing Pro in Your Life
Learn how to implement an accurate application security testing program that effectively manages risk, while protecting developer productivity.
The post Your AST Guide for the Disenchanted: Part 3 appeared first on Security Boulevard.
Continue reading Your AST Guide for the Disenchanted: Part 3
The Decipher Security podcast by Duo Security analyzes the news, explores the impact of the latest risks, and provides informative and educational material for readers intent on understanding how security affects our world. Their mission is to amp… Continue reading Decipher Security Podcast with ForAllSecure CEO David Brumley
Security and speed are often perceived to be mutually exclusive, repelling away from each other like identical poles of a magnet. Dr. David Brumley, CEO of ForAllSecure and professor at CMU, posits that they don’t have to be. In ForAllSecure… Continue reading Key Takeaways from ForAllSecure’s, “Achieving Development Speed and Code Quality with Behavior Testing” Webinar