Categories
Category //

Stephen Gates

Why “Shift Left” in DevOps is really “Shift Center”

In an industry full of acronyms and buzz words, the term “shift left” surfaced as a result of organizations waiting to perform software security testing until the end of the development process. The problem here is that the industry still

Discussing AppSec Policies within DevSecOps

There’s no denying that today’s digital ecosystem must be protected. But preventing increasingly frequent and severe attacks, which often target customer data and confidential information, requires more out of your organization’s security policies. Add in the challenge of organizations being

RSA Conference 2020 Wrap-Up: From Software Security to SoulCycle

Another year, another RSA Conference USA in the books! From talking software security and DevOps with thousands of attendees, to launching new research and solutions, and hosting a SoulCycle fitness class for AppSec professionals, we had a blast at this

Correlating and Remediating Security Risks at Scale is Vital to DevOps

The recent industry shift towards DevOps makes it clear that organizations are adopting this development and operational model to facilitate the practice of automating software delivery and deployment. As a result, organizations are acknowledging that their traditional approaches to software

2019 – Checkmarx Research Roundup

Discovering vulnerabilities like the ones mentioned below is why the Checkmarx Security Research team performs investigations. This type of research activity is part of their ongoing efforts to drive the necessary changes in software security practices among vendors that manufacture

Twas the Night of the Go-Live

Twas the night of the Go-Live, and all through the team, We were nervous as ever, at least it would seem. We thought we had done, everything that was right, We were hoping it’s quick, then we’d call it a

2020 Cybersecurity Predictions – Our Experts Weigh In

2019 proved to be a hectic year in the cybersecurity landscape. With 3,813 data breaches occurring in the first six months alone, (exposing over 4.1 billion records,) and 12174 new vulnerabilities discovered in commercial and open source software, this year

Combating the Continuous Development of Vulnerable Software

Most people in our industry know what the acronym CVE means. For those that may not, CVE stands for Common Vulnerabilities and Exposures. According to their website, CVE was launched in 1999 as a list of common identifiers for publicly-known

The Open Source Cookbook: Prepping Your Kitchen

Over the course of this adventure into the culinary world of software development, we have drawn comparisons between open source software and cookie recipes, and equated open source risks to spoiled ingredients. When cooking, it’s imperative that we prep our

Skip to content