
5 reasons you should consider a career in application security
There are many reasons to consider a career in AppSec, but one stands out: Software supply chain attacks are creating job security and opportunity.

Freelance technology journalist. A former Senior Editor of Computerworld, Jai is a journalist and technology content writing specialist, with 20+ years of award-winning experience in IT trade journalism. He is a correspondent for the Christian Science Monitor and a contributor to Dark Reading, eWEEK, Datamation, IBM Security Intelligence, and Third Certainty. He writes features and covers breaking news stories on information security, data privacy, and big data/business analytics. His recent projects include ERP case studies and an e-book on enterprise mobility management best practices.

When using AI tools including GitHub Copilot, your security team must be aware of — and protect against — certain risks. Here are the top considerations.
To advance the state of software supply chain security and better mitigate risk, the Enduring Security Framework group has highlighted the need for binary analysis and reproducible builds.

SolarWinds, Codecov, and Kaseya showed how adversaries with access to a development environment can wreak havoc. Multifactor authentication is key, but it's not an "end-all solution."

While the new White House EO is largely focused on foundational AI, security teams reviewing AI initiatives are still in the hot seat.

SBOMs are essential — but making them useful in CI/CD environments is tricky. Here are 5 key best practices.

The OpenSSF's Secure Supply Chain Consumption Framework can be used to better discover the risks of open-source components — but remediation is left for organizations to figure out later.

Here's what you need to know about BuildKit and its Supply Chain Levels for Software Artifacts (SLSA) provenance capabilities for SBOMs.

Modern software development is a primary target for supply chain attacks. Here's why traditional application security testing alone is not up to the job.