Application security debt occurs any time your company discovers vulnerabilities that go unfixed. Here's how to stay on top of it.
Embrace and understand the shared responsibility model with your cloud platform provider. Cloud computing doesn't mean you have no part to play.
Perfect API security doesn't exist, but here are some techniques and strategies you can use to make life more difficult for hackers.
Here are key research findings to help you strategize to secure your apps and support your developers with proper technology and training.
How secure will your codebase be? The best predictor is your organizational complexity. Here's why—and what to do about it.
Don't assume any code is safe. Zero trust is how you ensure that only approved code can access sensitive information. 
If you're planning on migrating from Python 2, or any similar undertaking, here are key lessons from the developers at Dropbox.
Here are the skills every application security pro needs to get a better job—and a hefty bump in salary.
It’s time to consider phasing out Android phones that aren’t getting monthly security updates.
Defense in depth: Protect your session cookies, and do what you can to validate their use.