DevSecOps and automated security

Need to deliver code quickly without compromising security? Get independent, expert information on DevSecOps approaches, including shift left and other ways to build security into the SDLC. Read about automated security testing tools and security testing best practices in software development.

June 03, 2021 03 Jun'21
AI, new skills and self-defense code emerge as app-dev musts

Gartner analysts paint an app-dev vision for 2021 and beyond marked by AI-driven tooling, novel approaches to app security and new skills.
March 22, 2021 22 Mar'21
Saltworks, Secure Code Warrior team up to secure the SDLC

Saltworks and Secure Code Warrior have forged a partnership to help developers integrate security into the lifecycle and learn to write more secure, higher-quality code.
March 18, 2021 18 Mar'21
Sonatype buys MuseDev to boost code analysis

Sonatype has expanded its addressable market for developers with the acquisition of code analysis tool vendor MuseDev. The move builds out Sonatype's software quality platform.
March 11, 2021 11 Mar'21
Developer-first security raises Snyk's tides, among others

Armed with a developer-first focus on security, Snyk has been able to draw $300 million in new funding. It also quadrupled its valuation to $4.7 billion in just over a year.

Bring yourself up to speed with our introductory content

SQL injection

A SQL injection is a technique that attackers use to gain unauthorized access to a web application database by adding a string of malicious code to a database query. Continue Reading
obfuscation

Obfuscation means to make something difficult to understand. Continue Reading
5 DevSecOps best practices to prioritize

Successful DevSecOps isn't just about secure code -- it's securing the flows of data through code, methods and tools. Review these five security tips to button up your DevOps work. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

Sonatype Nexus vs. JFrog: Pick an open source security scanner

Chances are your organization relies on open source code. But how do you manage code vulnerabilities? Find a product best suited for your needs in this Sonatype Nexus vs. JFrog comparison. Continue Reading
What's in store for software development trends in 2020?

New year, new IT priorities. While not all initiatives stick, these development and testing trends will shape how teams create, evaluate and deploy software. Get ahead of the curve. Continue Reading
DevSecOps puts software development and security on equal footing

With DevSecOps, organizations spread out security responsibilities to ops and devs. Here's how programmers can expect their roles to change and why it's not such a bad thing. Continue Reading

Learn to apply best practices and optimize your operations.

SAST vs. DAST vs. IAST: Security testing tool comparison

Before your team decides upon a security testing tool, take into account both the methods and limitations of SAST, DAST and IAST. Consider what each approach brings to the table. Continue Reading
Why developers should consider automated threat modeling

Traditional threat modeling is hard. Can automated threat modeling make development and security teams' lives easier? Continue Reading
7 SOC automation use cases to augment security operations

Implementing SOC automation can have far-reaching benefits for an organization's infosec program and security culture. Learn how by exploring these seven use cases of AI in SOCs. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

3 steps to secure codebase updates, prevent vulnerabilities

Codebase updates are critical, but what about when they introduce vulnerabilities? These three steps will help app developers secure codebase updates and keep their apps safe. Continue Reading
How to patch your open source software vulnerabilities

No matter how big your software vulnerabilities backlog has grown, here's how you can tackle it, and get on the path to continuous security monitoring. Continue Reading
5 application security threats and how to prevent them

The most widely known application security threats are sometimes the most common exploits. Here is a list of the top app threats and their appropriate security responses. Continue Reading