Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Cloudflare announces Cloudflare One, a new cloud-based network-as-a-service solution designed to help organizations ensure that their systems remain secure while their employees work remotely. [Read More]
GitHub announces the general availability of Code Scanning, a feature that enables developers to easily identify vulnerabilities in their code. [Read More]
Microsoft releases Project OneFuzz, an open source fuzzing framework for Azure that the company has been using internally for the past year. [Read More]
Developer security company Snyk has raised $200 million in a Series D funding round, which brings its valuation to over $2.6 billion. [Read More]
The American Payroll Association (APA) says user information was stolen after attackers managed to inject a skimmer on its website. [Read More]
Content delivery network (CDN) provider Fastly (NYSE: FSLY) has agreed to acquire web application security firm Signal Sciences for approximately $775 million in cash and stock. [Read More]
Adobe has made available in open source a tool designed to identify randomly generated strings in any plain text. [Read More]
Pentest-as-a-Service company Cobalt has raised $29 million in a Series B funding round, which it will use to expand its platform. [Read More]
Adaptive Shield this week emerged from stealth mode to automate the security of software-as-a-service (SaaS) applications. [Read More]
Secure Access Service Edge (SASE) and Network-as-a-Service (NaaS) solutions provider Perimeter 81 has closed a $40 million Series B funding round that brings the total raised by the company to $65 million. [Read More]

FEATURES, INSIGHTS // Application Security

rss icon

Gunter Ollmann's picture
CISOs are increasingly partnering with DevOps leaders and vigilantly modernizing secure development lifecycle (SDLC) processes to embrace new machine learning (ML) approaches.
Gunter Ollmann's picture
The philosophy of integrating security practices within DevOps is obviously sensible, but by attaching a different label perhaps we are likely admitting that this “fusion” is more of an emulsification.
Preston Hogue's picture
The ability to look deeply into user and system behavior and identify the smallest anomaly will become the essential toolkit to stem the tide of fraud and theft in financial services.
Preston Hogue's picture
Retailers should ensure that they are proactively scanning for vulnerabilities in the website, as well as deploying a solution to monitor traffic.
Preston Hogue's picture
Every piece of hardware, every integration, every API, every process, as well as applications themselves, are potential targets.
Preston Hogue's picture
Applications have been deconstructed to the point where we need to think about them with a new level of abstraction to understand how security needs to evolve.
Preston Hogue's picture
The best way for the security industry to meet the challenge of modern applications and modern app development is to adopt a modern way of supporting those from a security perspective.
Preston Hogue's picture
ChatOps offers a bridge to a fully realized vision for DevSecOps, offering a much quicker path to resolution for both security and non-security issues.
Preston Hogue's picture
If done right and integrated throughout the process, security ends up being not a source of friction, but a function that protects the business, at the speed of business.
Ashley Arbuckle's picture
With a holistic approach you can enable efficient segmentation across your infrastructure, identify anomalies faster by using process behavior deviations, and reduce your attack surface quickly.