Mobile and third-party risk: How legacy testing leaves you exposed
Without modern application security tooling, including binary analysis, the third-party risk management puzzle is incomplete.
John P. Mello Jr.
Freelance technology writer. John's work has appeared in the The Boston Globe and Boston Herald, as well as CFO, CIO, CSO, and Inc. magazines. He is a former managing editor of the Boston Business Journal and Boston Phoenix, as well as a staff writer for Government Security News.
Posts from John P. Mello Jr.
Mobile and third-party risk: How legacy testing leaves you exposed
Changes to CVE program are a call to action on your AppSec strategy
The CVE's challenges mean it's time to get off the vulnerability hamster wheel and modernize your risk program.
Quantum delivers really random numbers: How that boosts AppSec
Quantum random number generators can make software — including software development secrets — more secure. Here's how it works.
OpenSSF guidelines encourage OSS developers to build securely
The Open Source Secure Baseline provides a framework for securing OSS development — but it could breed complacency.
CISO survey: 6 lessons to boost third-party cyber-risk management
Risk is rising across the software supply chain while visibility remains low, making TPCRM challenging. Here's what you need to know.
OWASP supply chain security cheat sheet: 5 key action items
The complexity of today's software development makes supply chain security essential. This new cheat sheet is a great place to start.
Generative AI software development boosts productivity — and risk
The promise of higher development output is prompting rapid adoption of AI coding tools, but AppSec teams are in the hot seat with rising risk. Buckle up!
The top software development security challenges: The AI's have it
From the AppSec testing gap to data privacy, AI is increasing security worries. Here are key takeaways from a survey of development leaders.
Silent breaches and supply chain exploits: 5 lessons for cyber-teams
Hidden weaknesses and blind trust magnify the risks from third parties, a new report finds. Here are key takeaways for your cybersecurity team.