7 ways to put your code on a diet — and improve AppSec in the process
Code bloat is at the root of many security problems. Here's how development teams can bolster application security with more efficient code.
Ericka Chickowski
Freelance writer. Ericka Chickowski's award-winning writing on business and technology have appeared in dozens of trade and consumer magazines, including Entrepreneur, Consumers Digest, Channel Insider, CIO Insight, Dark Reading, DevOps.com and InformationWeek. She's made it her specialty to explain in plain English how technology trends affect real people.
Posts from Ericka Chickowski
7 ways to put your code on a diet — and improve AppSec in the process
4 ways hero culture is killing your security program's effectiveness
Learn why cybersecurity hero culture is a problem — and how companies can avoid its negative effects and develop more resilient security operations.
Evolution of AppSec: 4 requirements for the software supply chain security era
To cope in a new era of software supply chain attacks, application security must make a giant leap forward to modern practices and tooling.
Developers behaving badly: Why holistic AppSec is key
Mature organizations recognize that their AppSec approach has to keep pace with modern development teams. Here's why.
Secure by Design: How legacy application security is holding it back
Ingrained development patterns and legacy testing tools are holdovers from a reactive era of AppSec. Here's how how to move software security forward.
8 CI/CD security best practices: Protect your software pipeline
Don't neutralize CI/CD business gains by failing to account for risk. Here are best practices to ensure that your software development pipeline is secure.
App sec prioritization is priority No. 1 for CISOs
Application security veterans Mark Curphey and John Viega went on a CISO listening tour. Here's what they learned.
Supply chain security: Is technical debt weighing your team down?
Doing just vulnerability management and piecemeal app sec testing are equivalent to paying only the interest on mounting security technical debt. Where does your organization stand?
Risk modeling model exposes supply chain's 'hiddenness of knowledge'
GUAC-ALYTICs will use a new algorithmic engine to model risk across open-source software supply chain interdependencies. Here's what you need to know.