Application Security Weekly
Developers ignore security issues. But can we really blame them? After all, security folks bombard them with an endless stream of issues that need to be addressed with no way for them to separate what’s actually critical from all the noise, all while they are expected to release software more frequently and faster than ever before. It makes sense why developers view security as something that just gets in their way and slows them down. To make application security easy, we must make it developer-first. This is the future of AppSec. In the AppSec News: Okta breach, fuzzing Rust find ReDos, SQL injection and the age of code, Log4j numbers paint a not-pretty picture.
Show Notes: https://securityweekly.com/asw190
Segment Resources:
- https://techbeacon.com/devops/5-steps-building-developer-first-application-security-program
- https://www.forbes.com/sites/forbestechcouncil/2022/02/14/what-organizations-get-wrong-about-developer-first-application-security/?sh=1dad6eb58e7c
- https://www.tromzo.com/state-of-modern-application-security
Listen here: https://podcasts.apple.com/us/podcast/asw-190-harshil-parikh/id1338907745?i=1000555571457
Recent articles
In case you missed it, in May Gartner released its Innovation Insight for Application Security Posture Management (ASPM). What is an ASPM you ask?
Read moreOn a recent episode of the Future of Application Security podcast, Emre Saglam, Head of Security and Compliance at Dremio, listed three skills every security team member...
Read moreReady to Scale Your Product Security Program?
Sign up for a personalized one-on-one walkthrough.