%term

The latest News and Information on Application Security including monitoring, testing, and open source.

Malicious Packages Special Report Overview

Aug 24, 2023 By Mend In Mend

Malicious Packages: A Growing Threat to the Software Supply Chain The global economy runs on software applications, and their function and security are critical to every company’s success. Many applications have exploitable vulnerabilities that modern defenders struggle to effectively detect and remediate. In addition to the growing number of vulnerabilities, today’s security teams face the emerging challenge of malicious packages.

View Video

Mend

Read more about Malicious Packages Special Report Overview

Five Key Application Security Best Practices and Benefits for Maintaining Up-to-Date Dependencies

Aug 22, 2023 By Rhys Arkins In Mend

We’re using more code, software components, and dependencies than ever before, making security breaches an ever-growing threat. It’s easy for developers and DevOps teams to neglect dependency updates when faced with such high volume, but doing so allows applications to fall behind the latest versions if not properly managed. This typically leaves applications using outdated dependencies, which exposes them to ever-increasing security debt and risk.

Read Post

Mend

Read more about Five Key Application Security Best Practices and Benefits for Maintaining Up-to-Date Dependencies

Application Security Report: Q2 2023

Aug 21, 2023 By Michael Tremante In Cloudflare

Cloudflare has a unique vantage point on the Internet. From this position, we are able to see, explore, and identify trends that would otherwise go unnoticed. In this report we are doing just that and sharing our insights into Internet-wide application security trends. This report is the third edition of our Application Security Report. The first one was published in March 2022, with the second published earlier this year in March, and this is the first to be published on a quarterly basis.

Read Post

Cloudflare

Read more about Application Security Report: Q2 2023

An Introduction to Application Security

Aug 21, 2023 By Jeff Darrington In Graylog

While security teams may “run on Dunkin’,” companies run on applications. From Salesforce and Hubspot to ServiceNow and Jira, your organization relies on a complex, interconnected application ecosystem. In 2022, organizations used an average of 130 Software-as-a-Service (SaaS) applications. While these technologies enabled them to reduce costs and achieve revenue targets, they created new security risks.

Read Post

Graylog

Read more about An Introduction to Application Security

Does GitOps enhance application security?

Aug 21, 2023 By Vandana Verma Sehgal In Snyk

GitOps was pioneered by Weeveworks in 2017. It uses familiar tools to implement continuous deployment for cloud-native applications, improving the developer experience of Kubernetes cluster management and application delivery.

Read Post

Snyk

Read more about Does GitOps enhance application security?

Application Security Requirements: Trends and Best Practices

Aug 18, 2023 By Kayly Lange In Splunk

Ensuring application security is not just about protecting data. It’s about safeguarding your company's reputation, keeping customer trust, and adhering to increasingly stringent regulatory requirements. Read on as we delve into application security requirements: the pressing security threats impacting applications, the critical security requirements your application needs to meet, and the best practices to adopt to achieve robust application security.

Read Post

Splunk

Read more about Application Security Requirements: Trends and Best Practices

Creating a Culture of Security

Aug 14, 2023 By Datadog In Datadog

Just as DevOps is more than just CI/CD tooling, DevSecOps is more than simply scanning code for vulnerabilities in your deployment pipeline. Creating a culture where every engineer is invested in reducing risk and values security can be challenging. In this panel session, we’ll chat with engineering leaders from security, development, and operations to learn how they’re fostering a culture of security in their organizations.

View Video

Datadog

Read more about Creating a Culture of Security

Securing your Software Supply Chain

Aug 14, 2023 By Datadog In Datadog

Composability has rapidly accelerated the pace of software development by allowing engineers to reuse openly shared libraries and packages. But the widespread adoption of these components also makes them an enticing avenue of attack for malicious actors. In this fireside session, André Arko (Head of Open Source, Ruby Central) and Dustin Ingram (Director, Python Software Foundation) will join Emilio Escobar (CISO, Datadog) for a discussion about securing your software supply chain.

View Video

Datadog

Read more about Securing your Software Supply Chain

Navigating the complex landscape of dynamic app security with AlgoSec AppViz

Aug 10, 2023 By Malcom Sargla In AlgoSec

In the fast-paced world of technology, where innovation drives success, organizations find themselves in a perpetual race to enhance their applications, captivate customers, and stay ahead of the competition. But as your organization launches its latest flagship CRM solution after months of meticulous planning, have you considered what happens beyond Day 0 or Day 1 of the rollout?

Read Post

AlgoSec

Read more about Navigating the complex landscape of dynamic app security with AlgoSec AppViz

Reproducing common attacks in the cloud with Stratus Red Team

Aug 9, 2023 By Datadog In Datadog

Stratus Red Team is a project that allows you to easily reproduce, understand, and detect common attack techniques in the cloud. As a self-contained tool, you can also use it to validate your threat detection logic. In this video, Christophe walks through the use of Stratus Red Team to reproduce a common AWS attack.

View Video