One of the most significant problems facing application security teams is the amount of time it takes to manage the results returned from automated testing tools. Tests may return thousands of potential vulnerabilities, but most AppSec professionals know that only a...
White papers
Orchestration: The key to AppSec Automation
Traditional wisdom holds that goods and services can almost always only fulfill two of the following three attributes: “Cheap,” “Fast,” and “Good.” If you want something quickly that is also high-quality, then it won’t be cheap; if you want something high-quality...
AppSec Risk Management—How Code Dx Can Help
This is the second part in a two-part series on Application Security Risk Management. The first part describes the scope and scale of the current cyber threat landscape as it relates to AppSec, and details the most common problems organizations face when...
AppSec Risk: The Dangers and How to Manage Them
Many organizations focus most of their cybersecurity budget on a few important things—network security, proper employee training, virus detection, firewalls, and policies, to name a few. All of these are crucial and necessary, but they’re only part of the grander...
HAST—Hybrid Application Security Testing
Hybrid Analysis combines the best aspects of the two most common types of application security testing—SAST and DAST—to provide a deeper, more effective look under your application’s hood. SAST tools scour your source code for potential vulnerabilities—from the inside-out—while DAST tools search for exploits accessible by an attacker—from the outside-in.
Five application security testing pointers for software quality assurance professionals
Software quality assurance professionals have to worry about more than code quality—now they have to handle application security testing. This white paper outlines the importance of SQA professionals to the security testing process, their relationship to testing practices, and the five things they need to do before they get started with AppSec.
HIPAA compliance and application security
HIPAA compliance is critical for operating in the healthcare industry. This white paper reviews the importance of cybersecurity to HIPAA compliance, the relationship between network security and application security in that regard, and how the features and benefits of Code Dx products can help address those HIPAA application security concerns.
Finding software vulnerabilities before hackers do
Security breaches are on the rise. Your applications now run on internal systems, in the cloud, on mobile devices, and in some cases on IoT devices — all exposing confidential data to the world. You and your business must take precautions to ensure that your data and enterprise are protected from attacks that take advantage of common vulnerabilities in your own software. This white paper explores the ways Application Security Testing (AST) tools and techniques help software developers and security analysts identify and repair those security holes, before hackers can exploit them.