DHS has declared October National Cybersecurity Awareness Month in an effort to—you guessed it—raise awareness about our shared responsibility in keeping cyberspace secure for everyone. I’m all for educating people about security threats and what they can do to prevent breaches, but there must come a time when awareness turns to action.
Blog
Software Vulnerability Management: Why it’s not as easy as “find it and fix it.”
Your company has defined and implemented an application security management program. You have spent time and money purchasing and installing various Automated Software Testing (AST) tools and techniques to run your application through its paces. These AST tools generate lists of vulnerabilities. Why is it that you can’t just give these lists to your team and have them fix the items on the list?
Keep Your Third-Party Libraries in Order: Code Dx Integrates Black Duck Hub
You almost can’t build a web application today without making use of third-party open source code. But how do you know that code you imported into your application from GitHub is secure? If the study sponsored by our technology partner and industry leader Contrast...
Mobile application security: Code Dx integrates NowSecure and the OWASP Mobile Top 10
Code Dx has added powerful new features to help you secure your mobile app.
Is your software subject to HIPAA regulations? If so, you need a way to test for HIPAA security compliance
Software application security vulnerabilities can create major risks for developers and development managers who must comply with HIPAA. The responsibility for protecting sensitive data extends all the way into your code. There is the obvious issue of patient...
HIPAA security compliance and software vulnerability management
Software vulnerabilities can cause major problems for developers and development managers. More than 50% of all software breaches involve web applications; however, less than 10% of organizations…
My memories of Becky Bace
Rebecca Gurley Bace, a member of the Advisory Board of Code Dx, Inc., died last week. While we lament her loss as an Advisor to Code Dx, Inc., that lament is dwarfed by my personal sense of loss of Becky Bace’s friendship and mentorship. Becky was truly one-of-a-kind. I met Becky about ten years ago…
Code Dx 2.4 Application Security Tool Integration
Code Dx, version 2.4. This release includes several minor tweaks, but the two most significant additions are support for Contrast Security’s Assess IAST solution, and new filters for temporal analysis of findings across scans.
Code Dx version 2.3 adds AlienVault Integration For Application Security
Effective cybersecurity requires a combination of preventive action and rapid response. Anticipating potential areas of intrusion or abuse is, of course, crucial, but not all threats can be predicted; reacting to events as they occur is often necessary. To make these...
Code Dx Version 2.3 Tracks DISA STIG Compliance
Data vulnerabilities can be major threats to national security. Government agencies and contractors who work with the federal government and the military must maintain strict security policies and standards with respect to data, the information systems that process...