Blog

Minimizing triage work with Code Dx

Minimizing triage work with Code Dx

Manually reviewing findings from code quality and security testing tools is plenty of work on its own, without dealing with unnecessary duplicates. As code moves around with edits, many static analysis tools report findings associated with that code as new, even...

Data, data everywhere: How to effectively manage the deluge of SAST and DAST results

Data, data everywhere: How to effectively manage the deluge of SAST and DAST results

Application security testing is an integral part of the development process. A proper testing methodology utilizes multiple tools (and types of tools) and incorporates application security testing into the design, development, and production phases of the application development lifecycle. But you may find yourself overwhelmed by the inundation of results from all of these testing tools.

October is National Cybersecurity Awareness Month. Are you giving software vulnerability management the attention it deserves?

October is National Cybersecurity Awareness Month. Are you giving software vulnerability management the attention it deserves?

DHS has declared October National Cybersecurity Awareness Month in an effort to—you guessed it—raise awareness about our shared responsibility in keeping cyberspace secure for everyone. I’m all for educating people about security threats and what they can do to prevent breaches, but there must come a time when awareness turns to action.

Software Vulnerability Management: Why it’s not as easy as “find it and fix it.”

Software Vulnerability Management: Why it’s not as easy as “find it and fix it.”

Your company has defined and implemented an application security management program. You have spent time and money purchasing and installing various Automated Software Testing (AST) tools and techniques to run your application through it’s paces. These AST tools generate lists of vulnerabilities. Why is it that you can’t just give these lists to your team and have them fix the items on the list?