One of the hot topics in software development right now is “DevSecOps”, which stands for “development, security, and operations”, and loosely-defined means “producing secure applications through an continuous integrated automated build process”. It is often mentioned in conjunction with an organization’s goal to “move security left” in the development process, with the goal of addressing security issues early on in the project plan.
The focus of this article is strictly on the security aspects of DevSecOps. Specifically, we will elaborate activities that can and should be integrated into the Software Development Lifecycle (SDLC) to produce secure applications.
System architectures leveraging APIs offer many benefits, but warrant caution, as they also make it easy to introduce serious security vulnerabilities into your products and services. This article explores various security considerations that can make or break API security, identifying […]
“The inexorable evolution of technology is a real threat to your privacy. Left unchecked, it will erode your privacy in ways you may not even have considered.” Technology Breeds Complexity Have you noticed that every new product seems to claim […]
If properly funded, planned, and executed, it is possible to keep cybersecurity initiatives moving with temporary contract staff while simultaneously recruiting the best permanent team members. Learn how…
In a previous article, “A Security Model for the Internet of Things (IoT),”, we described how to measure the security of discrete network devices, and how to aggregate the resulting scores to the network level. In this article, we will […]