AppSec Observer

Contrast's application security blog provides the latest trends and tips in DevSecOps through instrumentation and security observability.

    Went To AppSec California 2014. Tried Contrast. Here's My Story.

    We receive "fan" mail from many of our clients, and lots of people who watch a demo are impressed. But when Steve..

    Libraries & Application Security, Part 3: Unused Libraries

    This is the third blog posting in a series about vulnerable libraries. Click here for part one on known vulnerabilities..

    Libraries & Application Security, Part 2: Unknown Vulnerabilities

    This is part two in a three-part series on vulnerable libraries. Click here to read part one where we discuss known..

    Libraries & Application Security, Part 1: Known Vulnerabilities

    We're a fan of using open-source frameworks and libraries. It makes sense. It saves time and money when you don't have..

    What Healthcare Can Teach Us About Application Security

    The Centers for Disease Control protects people from health threats and increases the health security of our nation...

    The Dirty Little Secret Everyone in Application Security Knows But Few Actually Talk About: Until You Actually Fix Your Code, You're Not Actually More Secure

    Here's the dirty little secret everybody in application security knows but few are willing to say out loud: Until you..

    Using Instrumentation to Find Web Application Vulnerabilities

    Since the advent of static analysis tools around the year 2002, there hasn't been much innovation in the automation..

    Five Application Security New Year's Resolutions Every Developer Can Make

    New Year's Resolutions can be tricky, and advice abounds on how you can do a better job at keeping them. For the sake..

    Secure Code Starts With Measuring What Developers Know

    I recently discovered I've been teaching blindly about application security. I assumed that I know what students need..