Aug 28, 2020 | AppSec Classroom
In its 2019 Hype Cycle for Application Security report, Gartner revealed a new, “high-priority” category called Application Security Orchestration and Correlation (ASOC). ASOC delivers three primary benefits to the AppSec process within organizations: efficiency,...
Jul 22, 2020 | AppSec Classroom
There is a well-known problem in AppSec testing that affects you whether you’re testing one application or thousands, and whether you’re using a few or many AppSec testing tools: the time spent triaging false positives and other irrelevant findings. AppSec tools...
May 17, 2020 | AppSec Classroom, Software Exploits
Many organizations have advanced from the DevOps methodology to DevSecOps, and it is expected this trend will continue throughout 2020 as more enterprises leverage the cloud. A DevSecOps approach promotes collaboration between software application development teams...
Mar 3, 2020 | AppSec Classroom
Cyber security is a broad area, including several items such as network security and application security. If you are a CISO responsible for the cyber security budget, you know that proper protection is key. Cyber attacks can cost your business more than a million...
Jan 27, 2020 | AppSec Classroom, Events, OWASP, Software Vulnerabilities
At AppSec Cali 2020 Code Dx CEO Dr. Anita D’Amico and AppSec Researcher Chris Horn, discussed their research on “Do certain types of developers or teams write more secure code? Human Factors in AppSec.” This research sought to find out what...
Sep 27, 2019 | AppSec Classroom
Why do some developers produce secure code, but others do not? What potentially configurable elements impact code quality and security? Software is written by people, and their actions and decisions ultimately affect the security of the code they produce. This...
May 25, 2019 | AppSec Classroom, Tool Studies
The number of acronyms to keep track of today continues to grow at a rapid pace, especially in the AppSec industry. For software developers and security testers, SAST and DAST are two commonly used acronyms in the application security testing world, but are often...
May 22, 2019 | AppSec Classroom, Software Vulnerabilities
In the world of application security testing, the terms “code coverage” and “vulnerability coverage” are frequently used. But what do they really mean? Code coverage is the amount of code that is scanned to identify potential vulnerabilities in a software application....
Apr 15, 2019 | AppSec Classroom, Blog
An article by Ken Prole, CTO of Code Dx, was published in the Security Today magazine’s April 2019 edition. Download full text After a series of high-profile cyberattacks, most organizations have adopted application security practices when they develop software....
Apr 11, 2019 | AppSec Classroom, Tool Studies
An essential element of the application development process is scanning the software to find potential vulnerabilities. Static Application Security Testing tools are notorious for returning lots of results (often thousands, even for relatively small applications),...
