Don't just hide behind the "not a bug" reply. Protect your cloud customers!
Managing the internal stress of being under constant cyber attack can be overwhelming. Here's a few personal rituals that can help.
Internal penetration testing is a proven way to find vulnerabilities before the bad guys do. Hiring hackers is even better. Here are eight tips for...
No service is perfectly secure, but white-hat researchers are on your side. What can you learn from others’ mistakes?
No one approach to teach developers about application security will work, but academia and the software industry can do better.
Security is about prevention of loss, not money-making. Here's why annual loss expectancy, not ROI, is the better measure.
Don't fear the dark web. Study it—and use it to your advantage to beef up your organization's security. Here's how.
Here's how design thinking can deliver on DevSecOps, and five ways to get started.
Here's what development teams need to know about the updated de facto OWASP standard for making your applications more secure.
Integration between penetration testing and your SIEM has several important benefits. It's time to make it happen at your organization.

Pages