Be Afraid of the Ruby on Rails Supply Chain
As the complexity of applications increases, so does your reliance on open source and third-party software libraries. With the compounded usage of open source, an expansion of the attack surface is...
Here you’ll find the latest news, information, and trends in application security and compliance, plus tips and strategies for writing safer code and building a security culture.
NOTE: This article is written based on a conversation on the Application Security Podcast with Matt McGrath, called “Security Coaches.”
Everyone wants their engineering staff to be better at threat modeling. Security teams desire a world where developers practice a threat modeling mindset. A threat modeling mindset is where threat...
This post was written by Chris Romeo during his tenure at Security Journey.
Marc Andreessen famously stated in 2011 that “software is eating the world.” Now, in 2019, application programming...
This post was written by Chris Romeo during his tenure at Security Journey.
Unlike wine and cheese, software does not get better with age—in fact, its security strength decreases over time. This is...
This post was written by Chris Romeo during his tenure at Security Journey.
As a bit of a thought experiment, I asked myself, “What if I had to develop an application security program with a budget...
This series was born from an interview on the Application Security Podcast, season 5, episode 18. On this episode, Chris and Robert interviewed Steve Springett about the world of the secure supply...
This article was born from an interview on the Application Security Podcast, season 5, episode 19 between Brook Schoenfeld and Chris Romeo / Robert Hurlbut. We began the conversation talking about...
This series was born from an interview on the Application Security Podcast, season 5, episode 18. Chris and Robert interviewed Steve Springett about the world of the secure supply chain. In part...
Are hacking and penetration testing the great solution to your security woes? That’s what you’ll hear from security conference speakers, who focus more on these topics than any other discipline in...
This post was written by Chris Romeo during his tenure at Security Journey.
Ladies and gentlemen, citizens of the Internet, could this be the year when DevSecOps finally catches on everywhere?
This post was written by Chris Romeo during his tenure at Security Journey.
Customers demand secure products out of the box, so security should be a top priority that should be top of mind for...