%term

The latest News and Information on Application Security including monitoring, testing, and open source.

Malicious Package Trend Analysis

Jul 21, 2023 By Mend In Mend

It might seem obvious that regularly upgrading software and dependencies means your software is inherently more secure, but in practice, this is hard to achieve. Choice Hotels struggled to manually maintain their codebase and remediate all the transitive vulnerabilities lurking in the code. Today’s compositional applications created a complex archeological exploration challenge for developers trying to resolve security issues across a codebase. It was time-consuming, tedious, and imperfect.

View Video

Mend

Read more about Malicious Package Trend Analysis

Secure Features, Sales Soar | A CPO's Take on Application Security | Marcelino M. (CPO, Stream)

Jul 20, 2023 By Indusface In Indusface

In this episode, Marcelino Moreno (CPO, Stream) shares with Venkatesh (Venky) Sundar how product managers can contribute to an organization's growth by baking in security into the product roadmap. He also shares how a product manager can influence engineering teams to prioritize vulnerability patching along with building features to ensure that the customers use a secure product. Key highlights from the discussion.

View Video

Indusface

Read more about Secure Features, Sales Soar | A CPO's Take on Application Security | Marcelino M. (CPO, Stream)

Why is Software Vulnerability Patching Crucial for Your Software and Application Security?

Jul 20, 2023 By Adam Murray In Mend

Software vulnerability patching plays a critical role in safeguarding your code base, software, applications, computer systems, and networks against potential threats, and ensuring they’re compliant, and optimized for efficiency. Organizations’ codebases have become increasingly complex, involving sophisticated relationships between components and their dependencies.

Read Post

Mend

Read more about Why is Software Vulnerability Patching Crucial for Your Software and Application Security?

Choosing the Right Managed Application Security Provider: A Guide

Jul 19, 2023 By Komodo Research In Komodo Consulting

Imagine, if you will, that you are the esteemed ruler of a vast digital dominion, and your applications are the lifeblood of your realm. Yet, in the boundless expanse of cyberspace, there lurk dragons of the most fearsome kind—cyber threats, data breaches, and hackers. You require a champion, a Managed Application Security Provider (MASP), to safeguard your kingdom. But how, pray tell, does one select the right one?

Read Post

Komodo Consulting

Read more about Choosing the Right Managed Application Security Provider: A Guide

LLMs Need Security Too

Jul 14, 2023 By Datadog In Datadog

In this episode Jb and Izar are joined by David Haber, CEO of Lakera, who focuses on securing LLMs and their use. We explore topics like prompt injection and their impact on security, safety and trust, and we look at the Gandalf experiment ran by Lakera. We touch on the recently drafted OWASP Top 10 on LLM project, and have a great discussion on what LLMs are really doing and their potential as tools and targets.

View Video

Datadog

Read more about LLMs Need Security Too

This Month in Datadog: ASM protection features, Remote Configuration, Workflow Automation, and more

Jul 6, 2023 By Datadog In Datadog

Datadog is constantly elevating the approach to cloud monitoring and security. This Month in Datadog updates you on our newest product features, announcements, resources, and events. This month, we put the Spotlight on Application Security Management’s protection capabilities..

View Video

Datadog

Read more about This Month in Datadog: ASM protection features, Remote Configuration, Workflow Automation, and more

Container Security Fundamentals - Linux Namespaces (Part 2): The PID Namespace

Jul 5, 2023 By Datadog In Datadog

In this video we continue our examination of Linux namespaces by looking at some details of how the PID namespace can be used to isolate a container’s view of processes running on the host, and how this feature can be used for troubleshooting container problems. To learn more read our blog on Datadog’s Security Labs site.

View Video

Datadog

Read more about Container Security Fundamentals - Linux Namespaces (Part 2): The PID Namespace

Vulnerability Prioritization: Looking at CVSSv4

Jun 29, 2023 By Datadog In Datadog

Vulnerability Prioritization: Looking at CVSSv4.

View Video

Datadog

Read more about Vulnerability Prioritization: Looking at CVSSv4

Announcing the Open-Source Reliability Leaderboard: A New Resource for Preventive AppSec

Jun 29, 2023 By Carol Hildebrand In Mend

We are excited to announce the inaugural edition of the Mend.io Open-Source Reliability Leaderboard! Powered by data from Renovate, the wildly popular open-source dependency management tool, the Leaderboard presents the top packages in terms of reliability across three of the most widely used languages.

Read Post

Mend

Read more about Announcing the Open-Source Reliability Leaderboard: A New Resource for Preventive AppSec

Cloud Security Lounge: Vulnerability Management the SBOM Way

Jun 29, 2023 By Datadog In Datadog

Vulnerability Management always starts from… a list of vulnerabilities. But where does this list come from? How do you know what software an organization is using? SBOM is a way to describe all this. It’s a data model, a format, used by a broad ecosystem helping manage vulnerabilities and more.

View Video