DevOps.com

Where the world meets DevOps

Tag: appsec

Checkmarx, survey, DevOps, AppSec

Participate in the Checkmarx 2020 Survey

| | appsec, automation tools, Checkmarx, devops, DevOps Survey, devops tools, devsecops, security tools, software development
Checkmarx, the global leader in software security solutions for modern enterprise software development, and DevOps.com are conducting a survey about the implementation of DevOps and related automation and security tools. The purpose ...
appsec

5 Ways to Detect Application Security Vulnerabilities Sooner to Reduce Costs and Risk

| | application security, appsec, cost optimization, DAST, open source vulnerabilities, SAST
Security testing has always been an important step in the application development process. Yet, traditional measures often occur too late in the process to effectively find and fix vulnerabilities before causing costly ...
SignalFX

The DevOps Sweet Spot: Inserting Security at Pull Requests (Part 2)

| | appsec, devops, devsecops, pull requests, sdlc, security, shift left
In part one of this two-part series, I explored how organizations can more effectively automate security quality decisions and discard doing automation for automation’s sake. I shared why security scans need to ...
Helping Developers Win in the Shift-Left Revolution

Helping Developers Win in the Shift-Left Revolution

| | appsec, developers, devsecops, security, shift left
The shift-left revolution is upon us. Just because it’s a cliche, doesn’t mean it’s not true. As software development organizations continue to implement DevOps culture, processes, and tools, developers are adopting the ...
New Security Breed with Veracode's Mark Curphey

DevOps Chat: The New Security Breed with Veracode’s Mark Curphey

| | appsec, devops, devsecops, featured, security
DevSecOps has changed the way developers approach security in their application development cycle. But it's also been the source of confusion, as some developers grapple with understanding how DevSecOps is different from ...
ASRTM DevOps Security Compass

DevOps Chat: ASRTM for DevOps with Rohit Sethi, Security Compass

| | appsec, devopschat, devsecops
In this DevOps/Security Boulevard Chat we speak with Rohit Sethi, COO of Security Compass about ASRTM, which stands for Application Security Requirements and Threat Management. Gartner has recently released a hype cycle ...
Case Study: Pearson Weaves ThreadFix into AppSec, Part 2

Case Study: Pearson Weaves ThreadFix into AppSec, Part 2

| | application security, appsec, case study, Pearson, pipeline build, ThreadFix
In part one, we discussed how education content publisher Pearson applied ThreadFix to its AppSec request workflow needs. Here’s the rest of the story. The ThreadFix Implementation Senior software security engineer Matt ...
Case Study: Pearson Weaves ThreadFix into AppSec, Part 1

Case Study: Pearson Weaves ThreadFix into AppSec, Part 1

| | application security, appsec, case study, Pearson, pipeline build, ThreadFix
Pearson is a publisher of education industry content to meet the needs of teachers and students from kindergarten/early learning through higher education and continuing education (for professionals). The company uses a mix ...
The Myth of DevOps as a Catalyst to improve Security?

The Myth of DevOps as a Catalyst to improve Security?

| | application security, appsec
Few topics within DevOps discussions elicit more controversy than the relationship between DevOps and information security. Do DevOps practices help to improve security, or do most organizations simply automate and bring their ...
Build security into your app development

Build security into your app development

| | app dev, appsec, data security
Integrate security testing into your dev process now or else face cyber-attacks later The way we develop software has been radically transformed in the last few years. Agility and speed are vital ...