Digital business requires a security-first mindset

Security is an undeniable necessity for the survival and success of any company. COVID-19 accelerated digital transformation initiatives across all industries and this shift placed significant pressure on developers to push software to market at unprec…

Upcoming Event: Spectrum by Prisma Cloud

Spectrum is the industry’s only cloud security event that meets you where you are on your cloud journey. The virtual event, taking place April 27 at 9 a.m. PST, will bring together top security and cloud experts to provide helpful insights and actiona…

Salesforce DevSecOps: Avoiding Arrested Development

Salesforce is a feature-rich SaaS platform designed for custom development and user modification. Its business power is driven by the ease of customization from both AppExchange downloads and its massive developer ecosystem. However, when Salesforce i…

Mitigating Threats to the Application Layer

Traditionally, security systems and cybersecurity efforts focused on infrastructure, and often worked in silos separate from application developers. This approach often left applications vulnerable and susceptible to attack, and cybercriminals are tak…

Decouple your ShiftLeft AppSec policies with Open Policy Agent

The inspiration for this blog came from my recent preparation for an office hour on ShiftLeft Build Rules and Policy Language. Please note that this blog is based on my personal experimentation and doesn’t represent any official roadmap/direction of th…

Software Composition Analysis: Developers’ Security Silver Bullet

Security experts are always looking for a silver bullet. New products promise to resolve all your issues. Typically, these products overpromise to expand market share. Most attacks we see these days occur not because of genius attacks. Instead, they’re due to the company not following the simplest defensive practices. Keeping patches up-to-date and having strong […]

The post Software Composition Analysis: Developers’ Security Silver Bullet appeared first on Security Intelligence.

Building Immunity at AppSec Insertion Points

The fundamentals of a formal, effective application security plan should start with business objectives, tools, processes and most of all, data, with the primary driver for securing applications focused on protecting data. While it is important to sur…

Are Cloud-Native IAM Controls Good Enough for Your Enterprise?

Organizations of every type and size are looking to the cloud for a multitude of benefits, including agility, quick time-to-value, cost savings and scalability. But enterprise-scale deployments can make this process complex, more so as it relates to identity and access management (IAM). Protections through the cloud are often a web of permissions that, if your […]

The post Are Cloud-Native IAM Controls Good Enough for Your Enterprise? appeared first on Security Intelligence.

Application Security for builders and creators — part 2

Previously on Application Security for builders and creators — Alice and Bob wanted to build a vaccine passport app with Go microservices and a React UI. Claire suggests the team to engineer secu…

The influence of the Agile Manifesto, 20 years on

On 11th February 2001, many software delivery thought leaders came together in Snowbird, Utah, to discuss how to create processes that can enable enterprises to continuously deliver valuable software that satisfies their customers’ needs, and helps con…