September 20, 2023
What if dev and app sec teams showed the same nimbleness and ruthless efficiency as cybercriminals? Fastly's Kelly Shortridge explains why it's essential.
September 12, 2023
"Shift left" is giving way to up-front risk assessments, and companies are tapping external support for third-party compliance. Learn from app sec peers.
September 7, 2023
These leading app sec experts provide a steady flow of security knowledge to keep you up to speed.
August 21, 2023
GUAC-ALYTICs will model risk across open source software supply chain interdependencies using a new algorithmic engine. Here's what you need to know.
August 16, 2023
Four months after the release of Secure by Design/Secure by Default, CISA's software security initiative is little more than an aspirational exercise.
August 15, 2023
Purdue researchers expose generative AI tools like Copilot's frequent errors when asked basic development questions. Only fools rush in.
August 8, 2023
Deep learning model knows what keys you press — “with 95% accuracy.” The password's days are numbered.
August 3, 2023
ReversingLabs threat researchers have identified a new malicious PyPI campaign that includes a suspicious VMConnect package published to the PyPI repo.
August 2, 2023
Your app sec team should factor in more capable malicious AI tools, coming soon.
July 25, 2023
It’s an optional trial program (for now). How would your dev team cope? Is this the future of zero trust?
July 19, 2023
Safe programming languages and packages can dramatically reduce vulnerabilities. Here's my rundown on the safest bets for secure coding.
July 17, 2023
CISA and NSA issued security guidance on continuous integration/continuous delivery environments — but missed an opportunity to escalate the conversation.