Integrating security into your DevOps can be challenging. Here are five simple ways to make DevSecOps a reality in your organization.
Here's what your application security team needs to know about the changes in the OWASP Top Ten list.
As IoT devices multiply, so does the amount of data they contain. Built-in security is the answer. Here's where to focus.
OpenSAMM, BSIMM, and MS-SDLC take approaches that resemble waterfall methodologies. These approaches to secure SDLC are failing many in the industry.
Whether your company is embarking on an application-security program or your program is running strong, finding the right metrics to track is key.
The days of software companies shifting responsibility for vulnerabilities are coming to an end. Are your developers ready?
Any application security team can benefit from bug bounties. Here are three steps to make the most of your initiative.
Here's what every application security team needs to know about the new OWASP Top Ten update candidate.
Here are smart, cost-effective steps you can take to get your foot in the door as an application security engineer.
The popularity of APIs—and the money involved—makes them a magnet for cybercriminals. Experts weigh in on who needs to own API security.