Tech Library is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

TECH DIGITAL RESOURCE LIBRARY

Developer

Access the latest white papers, research webcasts, case studies and more covering a wide range of topics like Mobile, Cloud and Data Analyitcs. Filter the library by ...

TOPICS: SUBTOPICS: COMPANY:
DATE RANGE:
TO
FORMAT:







2021 Application Security Statistics Report Vol. 2

by WhiteHat SecurityMar 15, 2021

The state of application security is rapidly evolving and there is a need for a more frequent analysis of the threat landscape in order to keep up.

Our monthly AppSec Stats Flash report will complement the monthly AppSec Stats Flash podcast. Together, these assets will analyze key data points and trends to determine the current condition of application security within different industries.

In this volume, we discuss:
• How application security, both for web and


Open Source Security: The Ultimate Guide to Software Composition Analysis

by CheckmarxFeb 10, 2021

Open source software has facilitated the rapid evolution of application development and shortened development cycles. As with any new advancement in technology, there can be risks associated with open source components which organizations must identify, prioritize, and address. Security vulnerabilities can leave sensitive data exposed to a breach, complex license requirements can jeopardize your intellectual property, and outdated open source libraries can place unnecessary support and


Nucleus Research: European Financial Services Institution ROI Case Study

by CheckmarxFeb 10, 2021

One of the largest European financial services institutions did not have a solution to address security vulnerabilities in their custom code. Falling under strict legal and industry standards for security and compliance, the organization considered manual approaches to address the security challenges they faced. However, they quickly realized they needed an integrated and automated way of improving the security of their custom code and looked to Checkmarx to remedy their situation.

As a


The Application Security Testing Imperative

by CheckmarxFeb 10, 2021

This paper provides practical guidance for CISOs, CIOs, and DevOps leaders for designing an effective application security program to secure modern application development via an integrated approach. The paper also aims to equip application security practitioners with research data to support building the business case for AST investments.

In this White Paper, readers will learn: The Implications of Deadline-driven Decisions The Open Source Software Dilemma Demystifying DevSecOps


A Quick Intro to Go Language Security Topics

by CheckmarxFeb 10, 2021

Are you new to the Go language (Golang), or are you an old-schooler who just wants a single resource highlighting all the security advantages of Go? You've come to the right place!

To help you quickly increase your knowledge of Go security in general, we've compiled this short summary of security topics you should be aware of when using Go. If you're ready to learn more... Let's Go!

This is a summary of the extended work found in The Go Language Guide — Web Application


The State of DevSecOps Report

by AccuricsJan 25, 2021

The latest State of DevSecOps report reveals that while exposed cloud storage services are a common theme, issues such as hardcoded keys are becoming increasingly common. Specifically, one in two deployments had unprotected credentials stored in container configuration files, which is worrisome given that 84% of organizations are using containers. The report studies the top cloud infrastructure risks plaguing organizations and illustrates how they contributed to three recent breaches at Capital


DevOps Guide to Terraform Security

by AccuricsJan 25, 2021

Using Terraform, an open source IaC tool developed by Hashicorp, to provision infrastructure provides many benefits to the management and operations of your environment. Its versatility, declarative language, and the productivity gains of using the same Infrastructure as Code (IaC) tooling across multiple cloud providers have made Terraform one of the most popular tools for infrastructure provisioning.

While there are many benefits to using Terraform as part of your infrastructure


2021 Top Enterprise IT Trends

by Dark ReadingNov 13, 2020

We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you.

Here's what's inside: Businesses Rethink Endpoint Security for 2021 Ransomware Will Not Slow Down in 2021 Wrestling With New Vulnerabilities, Security Teams Seek Automation For Cloud Security Plus, other 2021 Trends from Data Center Knowledge, InformationWeek, ITPro Today, Network Computing The information submitted is collected by


5 Reasons to Prioritize Software Security

by CheckmarxOct 02, 2020

The pace of digital transformation has reached a speed never before seen, forcing organizations into an "adapt or die" situation. Software is at the center of it all, placing increased pressure on DevOps leaders, AppSec managers, and developers to develop and deploy software faster.

This eBook discusses how: Software security is at the heart of digital transformation. Open source is as vulnerable as it is valuable. Developers should be extensions of your security team. Among other


An Integrated Approach to Embedding Security into DevOps

by CheckmarxOct 02, 2020

The root cause of many successful cyber attacks lies primarily in vulnerable software itself. The real question that needs to be asked is, "Can the industry do a better job of writing more-secure code, making software applications nearly impenetrable to cyberattacks?"

This eBook will help you understand : Security within the Common Development Methodologies The different ways to embedding Security into DevOps The current approach to security within DevOps


SUBTOPICS:

Accurics

At Accurics™, we envision a world where organizations can innovate in the cloud with confidence. Our mission is to enable cyber resilience through self-healing as organizations embrace cloud native infrastructure. The Accurics platform self-heals cloud native infrastructure by codifying security throughout the development lifecycle. It programmatically detects and resolves risks across Infrastructure as Code before infrastructure is provisioned, and maintains the secure posture in runtime by programmatically mitigating risks from changes. Accurics enables organizations of all sizes to achieve cloud cyber resilience through free cloud-based and open source tools such as Terrascan™.


Checkmarx

Checkmarx is the global leader in software security solutions for modern enterprise software development. Checkmarx delivers the industry's most comprehensive Software Security Platform that unifies with DevOps and provides static and interactive application security testing, software composition analysis, and developer AppSec awareness and training programs to reduce and remediate risk from software vulnerabilities. Checkmarx is trusted by more than 40 of the Fortune 100 companies and half of the Fortune 50, including leading organizations such as SAP, Samsung, and Salesforce.com.


Dark Reading

Dark Reading is a security dashboard for IT professionals who don't have the time or the luxury of combing wirefeeds, multiple bug feeds, or vendor Websites to find out what's new or how well it works. Here, readers will get the latest on the security industry from our crack reporting team, hear directly from trusted voices and links to the best security content across the Web.


WhiteHat Security

WhiteHat Security has been in the business of securing web applications for 17 years. Combining advanced technology with the expertise of its global Threat Research Center (TRC) team, WhiteHat delivers application security solutions that reduce risk, reduce cost and accelerate the deployment of secure applications and web sites. The company's flagship product, WhiteHat Sentinel, is a software-as-a-service platform providing dynamic application security testing (DAST), static application security testing (SAST), and mobile application security assessments. The company is headquartered in San Jose, Calif., with regional offices across the U.S. and Europe.