Data, data everywhere: How to effectively manage the deluge of SAST and DAST results

Application security testing is an integral part of the development process. A proper testing methodology utilizes multiple tools (and types of tools) and incorporates application security testing into the design, development, and production phases of the application development lifecycle. But you may find yourself overwhelmed by the inundation of results from all of these testing tools.

How IAST, RASP, and now HAST can enhance application security

Information security breaches continue to make headlines. 2017 and early 2018 saw several major organizations such as Equifax and even the IRS fall prey to hackers who exploited security vulnerabilities.
Attacks come fast, starting within one day of Common Vulnerabilities and Exposures (CVEs) being released. Sometimes, zero days. How do you protect yourself?

8 ways to save time in application security testing

The cost and time required for comprehensive application security testing often deters businesses from implementing a proper strategy for testing and remediation of vulnerabilities. Of course, that’s asking for trouble. Fortunately, the process can be streamlined, enabling you to conduct application security testing in a more efficient and timely manner.

Security issues with web apps: Why we need to worry – and what you can do

Web application attacks are on the rise, with a 69% increase from Q3 2016 to Q3 2017. There has been a large increase in attacks coming from the U.S., with an increase of more than 200% in U.S.-based attacks on web applications in just one year. If you weren’t worried about security issues with your web applications before, you should be now. This article provides more details on why web application security should always be on your mind, and what you need to do to protect yourself, your business, and your users.

Software Vulnerability Management: Why it’s not as easy as “find it and fix it.”

Your company has defined and implemented an application security management program. You have spent time and money purchasing and installing various Automated Software Testing (AST) tools and techniques to run your application through it’s paces. These AST tools generate lists of vulnerabilities. Why is it that you can’t just give these lists to your team and have them fix the items on the list?