App sec prioritization is priority No. 1 for CISOs
Application security veterans Mark Curphey and John Viega went on a CISO listening tour. Here's what they learned.
Ericka Chickowski
Freelance writer. Ericka Chickowski's award-winning writing on business and technology have appeared in dozens of trade and consumer magazines, including Entrepreneur, Consumers Digest, Channel Insider, CIO Insight, Dark Reading, DevOps.com and InformationWeek. She's made it her specialty to explain in plain English how technology trends affect real people.
Posts from Ericka Chickowski
App sec prioritization is priority No. 1 for CISOs
Supply chain security: Is technical debt weighing your team down?
Doing just vulnerability management and piecemeal app sec testing are equivalent to paying only the interest on mounting security technical debt. Where does your organization stand?
Risk modeling model exposes supply chain's 'hiddenness of knowledge'
GUAC-ALYTICs will use a new algorithmic engine to model risk across open-source software supply chain interdependencies. Here's what you need to know.
AI and the software supply chain: AppSec just got way more complicated
In addition to the extensive list of components in today's software, AI relies on open-source AI models and training data. What could possibly go wrong?
5 reasons why cyber attackers love software developers
Hackers are having a field day targeting developers with supply chain attacks, which open doors to other compromises. Here's why — and what to do about it.
5 AI threats keeping SOC teams up at night
Your security operations team should be planning how to stay ahead of these emerging AI risks.
7 obstacles to success with software bills of materials
The path to success for SBOMs faces many hurdles. Here are key factors that threaten your investments.
How to operationalize software bills of materials for incident response
Here's why SBOMs are essential for cybersecurity incident response — and how to put them to work.
Why 'shift left' is now a dirty term in some security circles
Here's why some security practitioners question the term — and what they think app sec teams should focus on instead.