Here you’ll find the latest news, information, and trends in application security and compliance, plus tips and strategies for writing safer code and building a security culture.
The digital world thrives on APIs, the connectors that power seamless interactions between applications and services....
The introduction of TypeScript elicited a divided reaction from the JavaScript community. Some liked the new superset, which added static and strong typing. Many hate it with a burning passion from...
This post was written by Chris Romeo during his tenure at Security Journey. This article originally appeared on TechBeacon.com on May 18, 2021. You can access it here.
Some organizations run bug bounty programs as a way to identify and fix vulnerabilities within their production applications. A bug bounty program gives ethical hackers permission to test if an...
In the past, security was not seen as a priority during the development process. Often, developers would only perform vulnerability scans and security audits as part of the testing phase of the...
It’s indisputable: Secure Coding Training is effective in reducing vulnerabilities in code. That’s why more and more companies are turning to this training to help speed up software deployment and...
We’ve talked to hundreds of secure coding training administrators over the years, and we’ve seen many approaches to setting up and deploying a secure coding training program. We’ve seen what works...
Everyone knows the old adage: You can lead a horse to water but you can’t make it drink, and this is certainly applicable when it comes to self-directed learning through computer-based training...
Nobody appreciates the words "best practice," especially when they have no idea why it is or who said it. The phrase has encroached on the territory formerly occupied by the adage "in my humble...
Chess is an oft-used analogy for cybersecurity because there are many similarities between the two. At their core, they are games of strategy which pit two adversaries against each other in a bid to...
If you have not yet seen the Threat Modeling Manifesto, you’re missing out.
This article was originally appeared on TechBeacon.com on April 26, 2021. You can access it here.
What shall we make of the Zen of Python? Is it the epos of the language? A philosophy of computing? There are those days when one wonders whether the Python language itself is an elaborate prank...
