%term

The latest News and Information on Application Security including monitoring, testing, and open source.

Application Security 101 - HTTP Headers Information Disclosure

Jun 27, 2023 By James Drew In Sentrium

This is the second article in our Application Security 101 mini-series. Read our first blog on how to configure HTTP response headers with security best practices. This time we’re going to discuss another misconfiguration that we often find during website penetration testing. This is not necessarily a ‘vulnerability’, however information disclosure via HTTP response headers can provide exact version information of the web server or web technologies in use on the underlying host.

Read Post

Sentrium

Read more about Application Security 101 - HTTP Headers Information Disclosure

Bridging the Gap to Success: Strengthening Business Application Security for Organizations

Jun 22, 2023 By AlgoSec In AlgoSec

Get ready to unlock a wealth of knowledge as Jade empowers businesses to proactively fortify their security defenses, navigate risks, and ensure compliance with regulations to protect sensitive data and inspire customer confidence. Join Jade on this enlightening journey to gain a deeper understanding of the evolving threat landscape and discover the best practices that can propel your organization towards triumph through effective application security. Don't miss out on this exceptional opportunity to learn from a true industry expert who genuinely cares about empowering businesses like yours.

View Video

AlgoSec

Read more about Bridging the Gap to Success: Strengthening Business Application Security for Organizations

Seamless Application Security Unleashed: Transforming Network Security with AlgoSec

Jun 22, 2023 By AlgoSec In AlgoSec

Join Asher in this insightful video as he shares his expertise on transforming network security with AlgoSec. Discover how seamless application security can be unlocked anywhere with the power of AlgoSec's innovative solutions. Asher dives into the key aspects of network transformation, security automation, and compliance management, providing valuable insights and practical strategies to enhance your organization's security posture. Gain a deeper understanding of network visibility, application connectivity, and risk mitigation, as Asher guides you through the process of optimizing security policies and improving overall threat detection.

View Video

AlgoSec

Read more about Seamless Application Security Unleashed: Transforming Network Security with AlgoSec

Chris Farris - Unblurring The Lines In Cloud Security

Jun 16, 2023 By Datadog In Datadog

00:00 Intro: welcome Chris!

03:05 Trends in cloud security, reflected at fwd:cloudsec

05:00 fwd:cloudsec submissions - more practitioners needed!

10:40 Blurring the lines: what does that practically means?

19:30 Cloud service providers maturity: their security posture evolved

24:30 Public Cloud Security Breaches

30:01 Public Cloud Security Breaches demo

32:35 the Last Pass attack deep dive

38:00 Identify the crown jewels!

View Video

Datadog

Read more about Chris Farris - Unblurring The Lines In Cloud Security

Strengthening the Shield: Best Practices for Application Security

Jun 15, 2023 By Robin H. In Sedara

In an ever-evolving threat landscape, safeguarding the integrity of applications is a real concern. The consequences of a single security breach can be devastating, leading to data links, financial losses, and irreparable damage to a company’s reputation. Organizations across industries must equip themselves with reasonable defense mechanisms to fortify their applications against malicious actors.

Read Post

Sedara

Read more about Strengthening the Shield: Best Practices for Application Security

7 Best Practices for Modern AppSec Programs

Jun 15, 2023 By Adam Murray In Mend

Mend.io CEO Rami Sass, Jeff Martin, VP of product management, and CMO Arabella Hallawell recently sat down for a panel discussion on AppSec today. In this second of a two-part series, they get tactical, as they discuss seven best practices for building modern AppSec programs.

Read Post

Mend

Read more about 7 Best Practices for Modern AppSec Programs

Mend.io Launches AppSec Risk Assessment Program

Jun 14, 2023 By Jeanette Sherman In Mend

At Mend.io, we’re always looking for ways to help organizations understand their application security risk. This week, we’re proud to announce a new initiative designed to make it easier than ever for organizations to visualize and remediate their biggest sources of risk: the Mend.io AppSec Risk Assessment Program.

Read Post

Mend

Read more about Mend.io Launches AppSec Risk Assessment Program

Mend.io Launches AppSec Risk Assessment Program to Aid Understanding and Prioritization of Application Risk

Jun 13, 2023 By Mend In Mend

Mend.io announces the launch of a new AppSec Risk Assessment program to help organizations understand and prioritize their application risk.

Read Post

Mend

Read more about Mend.io Launches AppSec Risk Assessment Program to Aid Understanding and Prioritization of Application Risk

Container Security Fundamentals - Linux namespaces part 1: The mount namespace

Jun 13, 2023 By Datadog In Datadog

One of the technologies used by Linux containers to provide an isolated environment, is namespaces. They are used to provide a contained process with an isolated view of different Linux resources. In this video we look at some of the details of how Linux namespaces work and then take a more detailed look at the mount namespace which isolates a processes' view of its filesystem.

View Video

Datadog

Read more about Container Security Fundamentals - Linux namespaces part 1: The mount namespace

Get It Right First Time with a Comprehensive Approach to Application Security

Jun 9, 2023 By Brian Roche In Veracode

In the rapidly evolving digital landscape, ensuring robust application security is paramount for organizations. With the emergence of AI-powered attacks and other sophisticated threats, it is crucial to integrate comprehensive Application Security Testing (AST) into the Software Development Lifecycle (SDLC).

Read Post