Security experts share how to make your software pipelines and container deployments safe, and your DevSecOps GDPR-compliant.
While most enterprises are confident that their apps are well-tested and secure, concerns are growing that those tests may have missed something.
Here's a walkthrough of the discovery, patching, and disclosure of the Kubernetes subpath vulnerability (CVE-2017-1002101).
Improving quality and catching defects improves other areas, so QA's objectives support the main goal of app sec: catching security defects.
How does your team move beyond the concept of security as code into action? Here are 11 tips to get you started.
Here's what you can learn from companies leading the charge on DevSecOps, as well as pitfalls to be aware of.
Embedding security within the development lifecycle is more challenging with the GDPR. This practical guide will get you started.
New models offer insights into which vulnerabilities in your organization will be exploited—and when.
As firms move software to the cloud, they're finding they need to change their security approach. Here are the main lessons from BSIMM 9.
No one approach to teach developers about application security will work, but academia and the software industry can do better.