sdlc

Empowering Software Buyers Through Secure-by-Demand Guidelines
Interview by Deb Radcliff, editor of TalkSecure, hosted by CodeSecure and syndicated at YouTube, Bright Talk, and Security Boulevard. Recently, the Cybersecurity and Infrastructure Security Agency (CISA) released its Secure by Demand ...
Gen-AI Won’t Replace Humans – or SAST – In the SDLC
Interview with MITRE’s Tracey Bannon by industry analyst Deb Radcliff, editor of TalkSecure, hosted by CodeSecure and syndicated at Security Boulevard & YouTube. Whether people realize it or not, AI in ...

Responding to and Recovering from Mobile App Security Breaches
Zero Trust says “assume breach,” and your response plan must cover handling third-party security incidents too. Mobile apps depend on third-party APIs, and you need to be prepared to act quickly ...

How to integrate SBOMs into the software development life cycle
The widespread availability of third-party and open source software has significantly accelerated modern software development. These technologies also pose a risk, because the external code used by a company has not gone ...
SCA and CI/CD: The Most Delicious Alphabet Soup
In the continuous integration (CI)/continuous delivery (CD) pipeline, one of the key ingredients to add to the pot is software composition analysis (SCA), an automated process that identifies the open source software ...
Where is Your Risk? Vulnerabilities in Software Development
Organizations are facing a variety of software-related risks, and vulnerabilities introduced in the development process are just one of them. The sooner they can figure out where these risks exist and how ...
Securing a Windows Development Environment
For many development organizations, Microsoft Windows remains the dominant operating platform. Therefore, ensuring the security of these systems needs to be a high priority for security leaders and teams and a Windows ...
Launching a Vulnerability Management Program
Launching a vulnerability management program requires a few methodical steps. When President Biden’s executive order shone a light on the need to modernize and strengthen cybersecurity at the federal level, that arguably ...
Organizations Want to Adopt DevSecOps. What’s Getting in Their Way?
Security leaders are eager to move to a DevSecOps approach—and why wouldn’t they be? DevSecOps has been emerging as a key component in organizations’ efforts to build strong security into all the ...