Collaborate Disseminate
The era of the cloud-native application is well and truly upon us: IDC researchers have predicted that by 2023, more that 500 million apps will be developed using cloud-native approaches! While some applications are still being built on a monolithic (a… Continue reading Take a dev-centric approach to cloud-native AppSec testing
Veracode published a research that finds most applications are now scanned around three times a week, compared to just two or three times a year a decade ago. This represents a 20x increase in average scan cadence between 2010 and 2021. Scan frequency … Continue reading The importance of implementing security scanning in the software development lifecycle
One of the biggest changes to the cybersecurity landscape is that developers are now often expected to implement security directly into the applications they’re building as part of the automated development lifecycle, rather than relying on security or… Continue reading Low code applications are essential for cybersecurity development in applications
Delivering secure applications requires tooling built for automation in the modern tech stack. Oxeye provides a cloud-native application security testing solution that is designed to overcome the challenges imposed by the complex nature of modern archi… Continue reading Product showcase: Oxeye.io – Cloud native application security testing
The use of mobile devices has skyrocketed in the past two years and with it the mobile app market. It’s predicted mobile apps will generate more than $935 billion in revenue by 2023. Areas with growth potential, unfortunately, often attract the attenti… Continue reading A 2022 priority: Automated mobile application security testing
Modern applications and software have evolved as the transition to the cloud was accelerated by widespread digital transformation, as enterprises of all sizes made heavy investments in their technology stacks. This opened the floodgates for a new era o… Continue reading The threats of modern application architecture are closer than they appear
Recent high-profile supply chain attacks have heightened the need for increased regulation of the open-source community. In the U.S., for example, President Biden’s recent executive order asks government vendors to attest “to the extent practicab… Continue reading Regulation fatigue: A challenge to shift processes left
Read Time 2 minutes DevOps is fast. Security is slow. That is about to change for enterprises willing to adopt the new standards outlined by NIST
The post Put Your AppSec Program in the Fast Lanes with the New NIST Standards for Security Testing. appe… Continue reading Put Your AppSec Program in the Fast Lanes with the New NIST Standards for Security Testing.
The ETSI committee on Methods for Testing and Specifications (TC MTS) has recently completed a first set of seven standards addressing the testing of the IoT MQTT and CoAP protocols, and the foundational security IoT-Profile. “These new standards fill … Continue reading ETSI completes set of IoT MQTT and CoAP testing standards
As organizations work diligently to support evolving business needs, while at the same time battling cybercrime and other threats to critical data, the majority of disaster recovery solutions are not tested on a regular basis, according to iland. More … Continue reading Most disaster recovery solutions are not tested on a regular basis