Articles

Implementing Shift Left Security Effectively

Learn more about shift left security, the dangers of keeping security right, and some best practices and tools for getting started.

Top 10 application security acronyms

Read all about AppSec acronyms you need to know to be able to freely discuss the results of a recent penetration test or static analysis of the code.

9 Password Storage Best Practices

Secure password storage is a challenge for every organization — whether a small startup or a major corporation.

The Basics of Getting Started with Shift Left Testing

Learn about shift left testing, an integrated approach to addressing security and testing as early as possible in the SDLC to find and fix vulnerabilities.

A deep dive into cyber threat intelligence

As companies continue to adopt cloud native technologies, nearly 60% have increased concerns about their security posture.

Benefits of security analytics

Learn more about security analytics, a proactive security approach that detects advanced security threats with artificial intelligence and machine learning.

How Does Threat Modeling Fit Into the Fast World of DevSecOps?

Learn more about threat modeling and how to get security benefits without putting gates in front of the software development process. Take threat modeling a step further “left.”

Static code analysis explained & best tools

Learn how to use the best Static Code Analysis tools to prevent security incidents that often slip through the cracks in production.

Establishing Application Security Policies that Power Secure Development Processes

Learn how to establish Application Security Policies, a well-developed process that supports the speed of your organization and instills confidence in your customers

Understanding Security Automation

Learn more about security automation, a practical necessity for any successful software operation. Identify incoming cyberthreats and prioritize remediation actions.

Interactive Application Security Testing (IAST)

Learn more about (IAST), application security testing method that tests your application for vulnerabilities in execution and why IAST might not even be an option for you.

Dynamic Application Security Testing (DAST)

Learn more about Dynamic application security testing (DAST), a type of black-box testing that checks your application from the outside while the software is actually running.

Key Components of the DevOps Pipeline

A DevOps pipeline helps teams build, test, and deploy software quickly and efficiently through a combination of tools and practices. Learn how it works and how to apply it.

Software Security Explained

Learn more about software security, proper tools and processes to identify and remediate software bugs. Connection to application security, secure SDLC and more.

Vulnerability scanner: what is it and how does it work?

Learn more about vulnerability scanners, including the top 3 types and categories, how they work, and how to choose the right vulnerability scanning tool.

Software Development Life Cycle (SDLC): Phases and Methodologies

Learn more about SDLC (Software Development Life Cycle) phases and methodologies that define the entire software development procedure step-by-step.

Vulnerability Assessment: Tools and Steps to Improve Security Posture

Learn more about vulnerability assessment to stay secure and efficiently evaluate the state of security weaknesses and flaws in your systems and environments.

Secure coding practices every developer should know

Secure coding involves writing code in a high-level language that follows strict principles, with the goal of preventing potential vulnerabilities

Docker Security Scanning Guide

Learn more about Docker Security Scanning to help you get started scanning your container images in Docker and other registries.

Cloud native security guide for building secure applications

Cloud native Security is the practice of securing cloud-based platforms, infrastructure and applications by building in security throughout the development process