What Are Docker Containers, and Should Your Company Adopt It?
What do containers really do, and is adopting Docker the right move for your company? Read on to find out.
Choose Your Type
Choose Your Topic
Our Latest Content
Microservices Architecture: Security Strategies and Best Practices
Why is microservices security important? Key principles and best practices to ensure your microservices architecture is secure.
Security Challenges and Opportunities of Remote Work
The COVID-19 pandemic forced many organizations to shift to a remote workforce almost overnight, most of which were not prepared for the sudden change. In their efforts to ensure their employees could remain productive, a number of organizations relaxed their security policies and unwittingly exposed their networks to compromise. As the pandemic continues, security challenges...
How to Set Up an Open Source Strategy
How to set up and implement an open source strategy that will ensure open source security and compliance.
The 10 Best Security Conferences to Attend in 2021
The top security conferences to visit in 2021, virtually or in-person.
Top 10 Open Source Vulnerabilities In 2020
To help you stay on top of your open source security, here is our list of top 10 open source security vulnerabilities in 2020.
What You Need To Know About Application Security Testing Orchestration
What is application security testing orchestration and why it is crucial in helping organizations make sure all potential risks are tracked and addressed.
The Battle for Container Security
As a technology, containers have done much to advance software development. However, it’s not without its issues, particularly in regards to security. Container security challenges have delayed or halted deployments, impeding organizations’ process in their quest to produce better quality software, faster. In this webinar, we discuss the current state of container security and what...
DevSecOps: Best Practices for Enterprises
The benefits of DevSecOps make a compelling case for its adoption. However, for many enterprise organizations, progressing from adoption to scale continues to be a challenge – which in turn, impacts their chances of success. So how can you implement DevSecOps to date and ensure a visible and continuous delivery pipeline for software releases without...
Shifting Compliance and Security Left – Into the Hands of the Developers
The software world is alive with talk of shifting left – but what does it really mean? Theoretically, it means shifting responsibility for security & compliance to developers. In practice, it largely means enriching CI/CD processes to detect problematic licenses & vulnerabilities before they reach the main branch or production. Shiri Ivtsan, Director of Product...
The DevSecOps Showdown – How to Bridge the Gap Between Security and Developers
DevSecOps requires processes and tools that enable weaving security throughout the DevOps pipeline. It is much more than a buzzword, and if you’d ask most organizations, well – they believe they are in the process of adopting DevSecOps tools and practices. But – are they? In order to deeply understand the state of DevSecOps implementation...
White Box Testing Guide
Learn all about white box testing: how it’s done, its techniques, types, and tools, its advantages and disadvantages, and more.
Top Tips for Getting Started With a Software Composition Analysis Solution
Top tips for getting started with Mend Composition Analysis to ensure your implementation is successful.
Be Wise — Prioritize: Software Security Vulnerability Prioritization
How prioritization can help development and security teams minimize security debt and fix the most important security issues first.
How LivePerson Takes Cloud-Native DevSecOps to the Next Level
As the microservices development environment becomes more and more popular in cloud-based companies, the CI/CD volume is getting bigger and bigger and is changing the way organizations such as LivePerson can integrate DevSecOps tools into their CI/CD processes. Join Nir Koren, DevOps CI/CD Team Lead at LivePerson, as he discusses: -Why it is crucial to...
Eclipse SW360: Main Features
All about Eclipse SW360 - an application that helps manage the bill of materials — and its main features.
Black Box Testing: What You Need to Know
What are the different types of black box testing, how is it different from while box testing, and how can black box testing help you boost security?
Mend Report – DevSecOps Insights 2020
Mend Report - DevSecOps Insights 2020
Top 9 Code Review Tools for Clean and Secure Source Code
The top code review tools that will help you detect and remediate code defects and errors before production, when they are easy & less expensive to address.
Why Patch Management is Important and How to Get It Right
How to make sure you have a solid patch management policy in place, check all of the boxes in the process, and use the right tools.
How Comcast Sped Up Development Without Compromising on Security
Security specialists, especially at large organizations, believe that better security comes from robust independent gating. On the other hand, DevOps has proven that you can safely deploy orders of magnitude faster than human gating can achieve. What’s needed to add security to DevOps are tools that work well with rapid-cycle CI/CD pipelines and an approach...
Application Security Testing: Security Scanning Vs. Runtime Protection
The application security testing market is split into security scanning tools and runtime protection tools. In this article we define & compare all options.
DevOps from the Human Perspective
Much has been written about the three pillars of DevOps—culture, technology and process—but less discussed is the “human” element of DevOps—what it takes from a people perspective to take care of those “doing DevOps” to promote success and prevent issues such as burnout or job dissatisfaction. This panel webinar looks at ways in which organizations...
Dependency Health – Removing the Barriers to Keeping Projects in Shape
Enterprises and Developers already know the importance of managing vulnerabilities and dependencies, so why do so many still fall behind? Like maintaining good physical health, software projects require more than just good intentions – there needs to be sensible and achievable process that developers want to follow, and the rewards must outweigh the demands. In...
July 2020 Open Source Security Vulnerabilities Snapshot
Read our July’s open source vulnerabilities snapshot, your monthly overview of everything new in the fast-paced world of open source security vulnerabilities.
The Security Phoenix: A Modern Approach to DevSecOps Focus on People
DevSecOps is usually a tool or fast speed approach to the organization. This talk, however, will take you through a different approach. With a holistic view of the organization, the security phoenix methodology takes into account a large organization with assessment, maturity matrix, scoring system and measurement options. We will walk through the problem of...
3 Key Considerations for DevOps Automation
If you’re considering increasing your company’s reliance on DevOps automation, here is a 3-step thought process to automate your mindset.
Software Development Life Cycle: Finding a Model That Works
This article identifies the phases of the SDLC (software development life cycle) and its main models: Waterfall and Agile.
Leading the Transformation
Digital transformation has been occurring in organizations of all sizes for the past few years, yet the process isn’t moving fast enough to move the needle in many companies. How can DevOps help increase the velocity and impact of digital transformation? This panel webinar discusses the relationship between DevOps and digital transformation and ways organizations...
What Going All-Remote Taught Us About Appsec and Testing Shortfalls
The Covid-19 pandemic led to a lot of tech companies converting to remote teams almost overnight, and for some this may even become the norm. While conferencing such as Zoom are widely known for substituting for face-to-face meetings, it’s much less appreciated how the disruption has increased asynchronous communication approaches as people are not always...
Secure Coding: A Practical Guide
Poor coding is one of the main reasons for data breaches. Secure coding practices must be used to maintain a secure application.
AppSec: Pushing Left, Like a Boss
With incident response and penetration testing currently receiving most of our application security dollars, it would appear that industry has decided to treat the symptom instead of the disease. “Pushing left” refers to starting security earlier in the SDLC; addressing the problem throughout the process. From scanning your code with a vulnerability scanner to red...
From Dev to DevSec: How to transform developers into security rockstars
Waterfall, Agile, DevOps… it seems that every few years, a new methodology is born for optimum software creation. While these processes all have their strengths and weaknesses, the streamlining and red tape they often bring can feel like a hindrance to a developer’s main goal of building great software. So how do we shift secure thinking...
DevSecOps vs. SecDevOps: A Rose by Any Other Name?
The terms DevSecOps and SecDevOps are often used interchangeably. Is there any real difference between them? Let’s explore whether there’s a difference.
How to Implement Security at the Speed of DevOps
Your organization has already embraced the DevOps methodology? That’s a great start. But what about security? It’s a fact – many organizations fear that adding security to their DevOps practices will severely slow down their development processes. But this doesn’t need to be the case. Tune in to hear Jeff Martin, Senior Director of Product...
May Open Source Security Vulnerabilities Snapshot
Learn about April's new open source security vulnerabilities, their severity, top CWEs, vulnerabilities per programming language, new XSS in jQuery XSS, and more.