AppSec Observer: Application Security (12)

Libraries & Application Security, Part 2: Unknown Vulnerabilities

This is part two in a three-part series on vulnerable libraries. Click here to read part one where we discuss known..

Libraries & Application Security, Part 1: Known Vulnerabilities

We're a fan of using open-source frameworks and libraries. It makes sense. It saves time and money when you don't have..

What Healthcare Can Teach Us About Application Security

The Centers for Disease Control protects people from health threats and increases the health security of our nation...

The Dirty Little Secret Everyone in Application Security Knows But Few Actually Talk About: Until You Actually Fix Your Code, You're Not Actually More Secure

Here's the dirty little secret everybody in application security knows but few are willing to say out loud: Until you..

Using Instrumentation to Find Web Application Vulnerabilities

Since the advent of static analysis tools around the year 2002, there hasn't been much innovation in the automation..

Secure Code Starts With Measuring What Developers Know

I recently discovered I've been teaching blindly about application security. I assumed that I know what students need..

The Guerrilla Guide to Buying an Application Security Tool

If you're going to buy an application security tool, don't get distracted by hype. Purchasing an application security..

Application Security: We Still Have A Long Way To Go

The past decade shows only trivial progress in improving web app security, according to new vulnerability guidelines in..

3 Critical Things You Can Do During A Code Freeze With Contrast