My colleagues and I at cloud-native application security provider Backslash Security have been fascinated by the fact that dev teams outnumber AppSec teams, and by the amount of alert noise the latter struggle with on a daily basis. We wanted to dig deeper, so we commissioned a report to find out from US-based AppSec professionals (managers and engineers) themselves how they are faring with these dynamics at play ...
A recurring narrative is emerging in today's digital landscape, characterized by organizations grappling with managing and safeguarding the growing number of APIs within their ecosystem. At the 2023 RSA Conference, a survey conducted by Traceable brought some troubling facts to the surface about how organizations are handling their API security ...
Truly shifting left means embracing a clean-as-you-go approach to software development. It means exactly what you'd think — it enables developers to identify and fix errors in real time as they create code. When developers are able to clean as they code, they move the security process as early into the software development life cycle (SDLC) as possible — to the moment the code is first being written. You can't shift further left than that ...
As organizations increasingly rely on APIs to streamline their operations and drive innovation, the need to securely authenticate across these critical communication channels is more important and complex than ever. The Corsha State of API Secrets Report 2023 highlights the need for better tools, technologies, and tradecraft around API secrets ...
The conventional wisdom in security, and in mobile app protection in particular, was that consumers care about features, not security. At mobile brands across the globe, a healthy internal debate exists over this dichotomy. Mobile developers say features are more important. Cybersecurity teams say security is more important. Operations teams serve as the tiebreaker, often choosing whatever will get the app out the door the fastest ...
In mid-2022, the Open Source Security Foundation (OpenSSF) launched a 10-point plan to promote and improve the security of open source software. Here are their observations in combination with our own ...
Open source isn't a strategy, it's a philosophy of collaboration. It's the fabric of millions of commercial projects in industries like FinTech, IT and AI. But there's something curious about open source — it makes up the majority of codebases, so surely the packages have hundreds of eyes keeping watch on their security posture? Unfortunately not ...
Open-source software (OSS) constitutes over 70% of all software, and a new report — What's in Your Open-Source Software? — compiled by Lineaje Data Labs, uncovers the inherent risk and ease of software supply chain tampering in the Apache Software Foundation's most popular products and their dependencies ...
With organizations of all sizes moving more of their operations to the cloud, a majority are struggling to automate cloud security and mitigate risks, according to the 2023 State of Cloud-Native Security Report, a Palo Alto Networks survey of more than 2,500 C-level executives around the world ...
Melding security into development operations is often confused with securing applications themselves. Securing software and applications from the outside is highly relevant, but the focus of DevSecOps largely remains on the following ...