
20 application security pros you should follow
These leading app sec experts provide a steady flow of security knowledge to keep you up to speed.

Lemons and liability: How security warranties could tame the software market
In this ConversingLabs, Daniel Woods shares insights from his research on software warranties and discusses how shifting liability to producers could define the market.

10 Hacker Summer Camp speakers to follow year-round
Knowledge sharing with cybersecurity experts doesn't have to stop after Hacker Summer Camp wraps up. Follow these top speakers throughout the year.

The Week in Security: WinRAR exploit targets traders, malicious npm packages go after game devs
Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond.

Supply chain security: Is technical debt weighing your team down?
Doing just vulnerability management and piecemeal app sec testing are equivalent to paying only the interest on mounting security technical debt. Where does your organization stand?

Risk modeling model exposes supply chain's 'hiddenness of knowledge'
GUAC-ALYTICs will use a new algorithmic engine to model risk across open-source software supply chain interdependencies. Here's what you need to know.

The Week in Security: Researchers hack 'unbreakable' card-shuffling hardware, Discord.io shut after breach
A Week of Breaches: The Intersection of Physical and Digital Security Failures

CISA's Secure by Design: Too much, too soon?
Four months after the release of Secure by Design/Secure by Default, CISA's software security initiative is little more than an aspirational exercise. Experts explain what it will take.

6 things you may have missed at Hacker Summer Camp
The summertime trio of events in Las Vegas — Black Hat, DEF CON, and BSides — is information overload for cybersecurity leaders and practitioners. Here are the sessions that stood out.

OWASP researcher: Supply chain attacks require going beyond vulnerabilities
Jeremy Long, who founded OWASP's Dependency Check Program, urges organizations to shift from traditional AppSec testing to tools that can remediate malicious threats.

The Week in Security: Cloudflare Tunnels abuse ramps up, U.K. voter data exposed
Stealthy Connections: The Rising Threat of Cloudflare Tunnel Abuse in Cyber Attacks

Do you trust your software? Why verification matters
To manage risk, you need to trust the software you produce or consume — and that requires verification, provided by modern tools and a holistic approach.

8 Black Hat sessions you don’t want to miss
Black Hat USA is a showcase for top security experts and companies. Here's our short list of must-see sessions for 2023.

The Week in Security: Malware gives remote access to air-gapped devices, cyber attackers target Italy
Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond.

Rust progress: New threat modeling, tools bolster programming language
Here's why the Rust Foundation Security Initiative's audit and resulting new tooling matter for secure coding — and software supply chain security.