AppSec Blog

Keep up with the latest news on cybersecurity, technical trends, and programming best practices.

Category: DevSecOps

Recent Posts

How to Ensure Compliance with the PCI DSS Framework

About a quarter of Americans are victims of credit or debit card fraud every year. Credit card scammers are getting smarter every day and devising new tricks to obtain personal information, so the number of reports of credit card fraud goes up each year. This...

DevSecOps Industry AppSec

The OWASP Benchmark & Kiuwan

What is the OWASP Benchmark? The Open Web Application Security Project (OWASP) is best known for maintaining a list of the Top 10 security vulnerabilities in web and mobile applications. However, these aren’t the only projects the independent, non-profit orga...

DevSecOps Kiuwan

The Top 15 Open-Source Software Security Risks

We’ll walk you through some of the top open-source software security risks and discuss the tools and processes you can use to mitigate them.

Risk Management DevSecOps

Open source integration headache graphic

The ROI of Application Security: Defense Is a Business Advantage

Cybersecurity is evolving faster than ever, and the cost of a security incident continues to grow with it. IBM’s “Cost of a Data Breach Report 2023” showed that the financial impact of the average cybersecurity intrusion has risen to 4.45 mi...

DevSecOps Risk Management

17 Secure Coding Guidelines and Best Practices

One of the most important parts of software development is ensuring that your code is protected as much as possible from a wide range of threats. The number of cybersecurity breaches is going up, which is spurring many companies to raise their cybersecurity b...

Trends DevSecOps Programming Language Software Testing

What Is Vulnerability Remediation and Why Is It Essential to the SDLC?

As our use of technology grows and evolves, so do the threats presented by bad actors constantly looking for ways to exploit software vulnerabilities. Mitigating these risks during the software development lifecycle (SDLC) has become critical in helping devel...

DevSecOps Risk Management Software Testing

What Is Clean Code and Does It Promote Security?

Cranking out line after line of code has become cheap and easy with generative AI. However, as with most things in life, more is not necessarily better — especially regarding code. Combined with a race-to-market mindset and accelerating feature creep, this&nb...

DevSecOps Industry AppSec Programming Language

Do Your Apps Use Third-Party Components? Scan Your Code

Many software projects incorporate third-party components to add specific functionality. One of the biggest problems IT teams face is keeping up with what’s being used. Without a rigorous framework governing their use, applications can become a Wild West full...

DevSecOps Industry AppSec Risk Management

Developing Data Security For Finance

Cyberattacks are escalating in both frequency and severity across all industries, but the financial sector remains one of the most attractive targets for malicious actors due to the high value of its data. The global average cost of a data breach is $4.88 mil...

DevSecOps Industry AppSec

Data security for finance companies, graphic

What Code Security Risks Exist Beyond OWASP Top 10?

The OWASP Top 10 is a great starting point for mitigating code security risks. However, businesses that want to be prepared for modern cyber threats must go beyond a checklist of typical threat vectors. Incorporating security at every touchpoint allows develo...

DevSecOps Industry AppSec Risk Management

Security risks beyond OWASP top 20 blog graphic

Shifting Left with Security: DevSecOps for Early Vulnerability Detection

Complacency and passivity are no longer options for app security. Today’s software build failures can become tomorrow’s headaches when hackers locate the vulnerabilities your company failed to detect. A successful cyber attack can lead to data breaches, ...

DevSecOps Risk Management