What came first: security built into your software development lifecycle or security built into the design and implementation of your code?
When we talk about application security, there are two distinct camps emerging — lifecycle security maturity and product security maturity.
Continue reading Securing the bigger picture: Lifecycle security maturity
As the dust settles on the release of the latest version of the OWASP Top 10, our team has been talking about the inclusion of insecure design on the list. Specifically, we’ve been thinking about what that means for everyone involved in the delivery of software products.
Continue reading Secure development: Turning insecure design around
This is a big week for those of us in the application security industry. One of our iconic foundation organisations, the Open Web Application Security Project (OWASP), reaches its 20th anniversary and that’s a time for us all to celebrate.
Continue reading 20 years of OWASP: Beyond syntax
<movie narrator voice>
In a world where software... rules the... *cough* ... world
and where hackers are the biggest threat the world has ever.... no wait
One organisation stands alone...
with all developers....
... at least 2m apart...
... but most likely online.
...or in Animal Crossing
</movie narrator voice>
Continue reading Become a security champion – with SafeStack Academy