State of development: 5 key AppSec steps
Application security pros need to be ready to cope with security at the speed of code. Here's how to get a handle on modern software risk.
John P. Mello Jr.
Freelance technology writer. John's work has appeared in the The Boston Globe and Boston Herald, as well as CFO, CIO, CSO, and Inc. magazines. He is a former managing editor of the Boston Business Journal and Boston Phoenix, as well as a staff writer for Government Security News.
Posts from John P. Mello Jr.
State of development: 5 key AppSec steps
OWASP AIVSS targets agentic AI risk
The new AI Vulnerability Scoring System (AIVSS) picks up where the Common Vulnerability Scoring System (CVSS) falls short.
The true cost of CVEs: Go beyond vulnerabilities
Triaging and patching, plus meeting compliance demands, all bog down modern software teams — and divert time away from development.
Autonomous dev is coming: Is your AppSec ready?
Replacing software engineers with AI won't be happening soon — but AI coding is already changing the software risk landscape. Is your company prepared?
Europe's EUVD could shake up the vulnerability database ecosystem
EU steps up to fill gaps from the US NVD and CVE. Here's what you need to know — and why you need to think beyond vulnerabilities.
Red-teaming agentic AI: New guide lays out key concerns for AppSec
Agentic AI is a different animal for application security red teams. Here are key takeaways from the Cloud Security Alliance's new guide.
OWASP's Chat Playground lets security teams toy with gen AI
The new tool provides a low-cost approach to testing the security of generative AI chat experiences — though it lacks out-of-band AI controls.
The evolution of AppSec: Getting off the hamster wheel remains elusive
Experts say scan-and-fix will remain for some time. But application security tools are evolving to provide prioritization and automation.
Boost VM security: 8 key strategies
Virtual-machine ubiquity requires rethinking traditional AppSec controls — and modernizing your approach. Here are essential considerations.