AppSec Blog

Keep up with the latest news on cybersecurity, technical trends, and programming best practices.

Category: DevSecOps

Recent Posts

How to Increase Development Pipeline Efficiency

Software development organizations define success by providing the right products to their customers that meet quality, schedule and budgetary constraints. It includes specification, design, development, testing, quality assurance, building and deployment. ...

DevSecOps

Identity Management Outlook for 2021

Earlier this year saw the celebration of the first Identity Management Day to punctuate the importance of protecting cyberspace identities.

DevSecOps

New Security Concerns in Hybrid Office Models

As 2021 reaches its halfway point, many businesses are transitioning back toward more on-premises operations, but some analysts believe that a hybrid workforce will be the new normal. In a hybrid model, the workforce is made up of both on-premises and remote ...

Social Engineering: How Prestidigitation Is at Its Heart

Social engineers use many of the same techniques to create an illusion in order to gain a victim’s trust and trick the person into doing their dirty work. They are essentially magicians, with the intent to derive some direct value by deceiving victims. ...

DevSecOps

What’s Changed in the 2021 CISSP Exam?

CISSP is one of the most prestigious vendor-neutral information systems security leadership certifications. The certification is a credential that signifies its holder possesses professional experience and demonstrates a high level of knowledge across informa...

DevSecOps

The State of Mobile App Security 2021

The ever-increasing popularity and use of smartphones dwarfs that of more conventional computing devices, such as desktop, laptops, tablets and so forth. Here are some numbers to put things in perspective: according to Statista the total number of m...

DevSecOps Trends

Analyzing the Colonial Pipeline Ransomware Attack

On May 7, Colonial Pipeline had to shut down its pipelines due to a ransomware attack. Colonial is a major oil pipeline operator in the southern and eastern United States. Its pipelines extend from Texas to New Jersey and reach Louisiana, Mississippi, Alabama...

DevSecOps Industry AppSec Risk Management

Facebook Scraping Incident Leaks Info for Half Billion Users

In early April, numerous sources disclosed discovery of a pool of Facebook records including information on more than 530 million of its users. The leaked information included users’ names, dates of birth, and phone numbers as posted to a website for hackers....

DevSecOps Trends

Pandemic Legacy: Remote Work and Digital Transformation

The COVID-19 pandemic drove many companies to rapidly expand their support for remote work. This change was not simply to appease a changing workforce; it was simply to survive. When most of the workforce was suddenly told to stay home, many organizations had...

DevSecOps

Remote work and digital transformation graphic

Major Data Breaches in 2018: A Mid-Year Review

Data is the new gold. It is a resource that creates and destroys power. With it, individuals, companies, and governments can sway public opinion, gain insight into the competition, and develop the most strategic plans. So it is for this reason that data breac...

DevSecOps

How to Suppress False Positives in Code Analysis

One of the obstacles any static analysis tool encounters is the ease with which developers can manage defects that are not pertinent to their development. Oftentimes these “defects” for whatever reason simply do not apply. The most known case of such defects ...

DevSecOps Kiuwan Programming Language

The True Cost of Cybercrime for Companies

We believe that data is the phenomenon of our time. It is the world’s new natural resource. It is the new basis of competitive advantage, and it is transforming every profession and industry. If all of this is true—even inevitable—then cyber crime, by definit...

DevSecOps Trends