Application security people, like anyone else, can make mistakes. Hasty actions and bad assumptions lead to a less complete discovery of flaws — or to outright disaster. In the worst case, a clumsy attempt to discover security problems can itself cause a brea...
Returning from Saturday’s LechazoConf 2017, a conference about failures (and successes) of entrepreneurs/startups in Castilla-Leon (and Spain). I enjoyed the conference! Organization was awesome, content was nice, and the lechazo was great (I am from Traspine...
The conversation surrounding application security could go in a thousand different directions; technology is a massive landscape, after all. For the purposes of this discourse, our focus will be on three particular arms of appsec. Perhaps we could call them the G...
The GDPR is Promoting a Culture Change About Data Privacy. The importance and need for security has never been greater, in particular with personal and data security. Among all the great benefits of technology, the internet and the resulting connecti...
The concept of open source software has shifted considerably from what some enterprises once thought about it. Any negative views back then stemmed from misconceptions or from not understanding what open source really is. Considering open source software is often free o...
Open-source licensing isn’t that complicated, as license agreements go. Some people find it confusing, and businesses must pay close attention to how the licenses work. Making a mistake in one direction can result in legal action. Erring in the other direction c...
Cybersecurity often seems like an expensive proposition to many companies. There are annual evaluations to make sure you’re maintaining compliance, expensive programs to put in place, and extensive measures that have to be taken in order to provide true prote...
Almost every developer relies to some degree on open source software, and it’s tough to beat the flexibility of open use and distribution licensing. However, it’s also critical that all developers understand how to control open source components. Th...
Code analysis is of economic importance. Code analyses (security, performance…) are topics of substantial economic importance. This importance justifies the need to take precise measurements, using metri...
Malware has become a constant reality for most businesses. Ransomware alone cost around $5 billion in 2017, and those numbers are predicted to continue to rise in the coming years, potentially reaching as much as $11.5 billion by 2019. Prot...
When we think of security, especially the deep embedded and core measures introduced by DevSecOps, we often think of these measures in terms of insurance – and rightly so. We associate such security measures with protection, like keeping the software developm...
The Open Source Initiative (OSI) was the product of a conference of software developers in 1998 in Palo Alto, California. OSI has been established as a global non-profit organization that encourages, promotes, and protects open source software development and...