Articles

Mobile Application Security Testing (MAST) - Challenges & Tools

Mobile application security testing (MAST) is a vital element of mobile app security. Here’s how it works, plus tips for MAST tools and best practices.

What is ASPM? (Application Security Posture Management)

Application security posture management (ASPM) overview - Learn how to strengthen app security using holistic visibility, automation & robust security measures.

Android Application Security - Securing Android Apps for Developers

Risk-Based Vulnerability Management (RBVM): What is it & how to implement

Risk-based vulnerability management (RBVM) is a relatively new AppSec practice that empowers organizations to see their risk in context and prioritize the most critical fixes.

How to secure SaaS applications

Learn how to secure SaaS applications as a vendor and which SaaS security best practices to implement across your organization as a user.

Security posture: Assessing & improving security at scale

Learn what security posture is, how to manage it, its role in compliance/supply chain, and how to measure security posture with 4 key metrics.

iOS Application Security - Securing Swift Apps for Developers

Securing Source Code in Repositories is Essential: How To Get Started

Keeping your source code secure helps safeguard it against data breaches, maintains user trust, and helps to prevent potential financial losses or reputational damage; learn why it's important and how to get started.

How To Measure Application Security: Metrics, Tools & KPIs

How do you know if your application security program is effective? Learn the key metrics to track for your application and tools that can help.

External Attack Surface Management (EASM): Managing Digital Risk

External attack surface management is key to cybersecurity. Discover what EASM is, when you need it, solutions like Snyk, and steps to implement it effectively.

Application Risk Management

Application risk management is critical but increasingly complex. This guide outlines the steps of application risk management and valuable tools for developers.

Code scanning 101

Learn how code scanning works, why it’s essential to software supply chain security, which tools to use, and how to follow code scanning best practices.

Developer-First Security: How Dev-Friendly AppSec Boosts Security

Developer first security empowers developers to secure products and applications with tools, education, and policies that fit into existing workflows

How to prioritize vulnerabilities based on business risk

Vulnerability prioritization entails organizing and ranking an application's vulnerabilities to streamline remediation efforts; this involves assessing each vulnerability based on severity, risk, reachability, business criticality, and potential impact.

What is Incident Response? Definition, Steps and Tools

Everything you need to know about incident response including steps for creating an effective incident response plan that mitigates the damage of a cyber attack.

The shared responsibility model for cloud security

Cloud security is a shared responsibility between cloud providers and customers.

Best practices for driving developer adoption of security tools and processes

Learn best practices for driving developer adoption of security tools and processes.

Understanding development teams

Driving developer adoption of security tools and practices requires empathy for and understanding of your development teams.

Empowering your developers

Learn how to support your teams so they feel empowered to adopt developer security practices and tools.

Understanding the developer attitude to security

Learn why developers adopt security practices, what the blockers are, and what you can do to make it easy for them to stay secure.