application security

The percentage of open source code in proprietary apps is rising

May 22, 2018

The number of open source components in the codebase of proprietary applications keeps rising and with it the risk of those apps being compromised by attackers leveraging …

Devs know application security is important, but have no time for it

April 17, 2018

Sonatype polled 2,076 IT professionals to discover practitioner perspectives on evolving DevSecOps practices, shifting investments, and changing perceptions, and the results …

Android P: Expected security and privacy improvements

March 8, 2018

Google has released a developer preview of the next version of Android, currently called “Android P.” Functional changes are many, but here’s an overview of …

Secure coding in Java: Bad online advice and confusing APIs

October 3, 2017

For programmers and software developers, the Internet forums provide a great place to exchange knowledge and seek answers to concrete coding conundrums. Alas, they are not …

Google Chrome most resilient against attacks, researchers find

September 19, 2017

Researchers have analyzed Google Chrome, Microsoft Edge, and Internet Explorer, and found Chrome to be the most resilient against attacks. “Modern web browsers such as …

Custom code accounts for 93% of application vulnerabilities

July 25, 2017

Although third-party software libraries represent a majority of an application’s code, they account for less than seven percent of application vulnerabilities. Typically, …

The future of AppSec: Stop fighting the last war

July 25, 2017

It’s a cornerstone of military doctrine: when you focus too much on the last battle you faced, you miss signs of the new battleground taking shape. The principle holds as true …

DevSecOps: Build a bridge between fast and secure software development

June 15, 2017

Despite the pervasive belief that security and development teams have conflicting priorities, initiatives such as creating DevOps environments and focusing on product …