Visit Security Journey

Post listing page

Topic: Software Security

software security Secure SDLC

How do you Practice Secure Coding?

  Developers are the foundation of an organization’s digital strategy, building the products and services that drive revenue and help their company to operate more efficiently....

Continue Reading

software security Secure SDLC

What is the S-SDLC or Secure SDLC?

  There was a point in time when the only thing that mattered when it came to software development was that functional software was deployed in the stipulated time. There wasn't much...

Continue Reading

software security Secure SDLC

What Are Bug Bounty Programs, And Why Are They Becoming So Popular?

Some organizations run bug bounty programs as a way to identify and fix vulnerabilities within their production applications.  A bug bounty program gives ethical hackers permission to test...

Continue Reading

software security Secure SDLC

How (and Why) to Teach Developers to Think Like Hackers

  Coaches of sports teams would relish the chance to know their opponents' offensive playbook, so that they can prepare the right defensive schemes. Debate experts say you should...

Continue Reading

software security Application Security

SAST vs DAST vs IAST

In the last twenty years, software applications have changed the way we work or do business. Software and in particular web applications store and handle increasingly more sensitive data....

Continue Reading

Secure Coding Training software security

How to prevent SQL Injection vulnerabilities: How Prepared Statements Work

Introduction SQL Injection is a software vulnerability that occurs when user-supplied data is used as part of a SQL query. Due to improper validation of data, an attacker can submit a valid...

Continue Reading

software security PCI Compliance

PCI Secure Software Lifecycle (Secure SLC)

Ever since its formation in 2006, the PCI Security Standards Council (PCI SSC) has worked to improve the security of payment solutions and protect merchants against the latest security...

Continue Reading

software security PCI Compliance

How to Go Beyond PCI Compliance to Secure Your Organization: Requirements 8-12

In posts two and three in this four-part series, we discussed the first seven PCI DSS requirements and how to go above what is required in order to increase security. In this final article,...

Continue Reading

software security PCI Compliance

How to Go Beyond PCI Compliance to Secure Your Organization: Requirements 4-7

In the second installment in this series, we introduced how payment processing works and explained the first three PCI requirements. In this post we will explore the next four PCI DSS...

Continue Reading

software security PCI Compliance

How to Go Beyond PCI Compliance to Secure Your Organization: Requirements 1-3

In the first post of this series, we discussed the Payment Card Industry Data Security Standard (PCI DSS), why it is important, and what the consequences are of being non-compliant. We also...

Continue Reading