Each SAST tool only discovers about 14% of the vulnerabilities in your code

An essential element of the application development process is scanning the software to find potential vulnerabilities. Static Application Security Testing tools are notorious for returning lots of results (often thousands, even for relatively small applications), which can overwhelm a developer. But no matter how they feel about the results, software developers must understand that by running only one application security testing tool—even the best on the market—they are missing most of the weaknesses in their code.

Dr. Anita D’Amico is a keynote speaker at BSides Long Island

Code Dx is a platinum sponsor of the BSides Long Island event. The event is on Saturday, January 26, from 9:30 to 4:00pm (breakfast and registration run from 8:30 to 9:20am). Dr. D’Amico is a keynote speaker and will present on the topic "Human Factors that Influence Secure Software Development."

Anita D’Amico speaks on 8 steps to boost AppSec

Application security has many organizations worried—and for good reason. But there are steps you can take to mitigate at least some of the threats. Application breaches are on the rise, and so are the security risks of running business-critical apps in unprotected environments.