by Richard Barrus | Aug 25, 2020 | Application Security
Reading Time: 3 minutes
Threat modeling is a vital but often overlooked component of the software development lifecycle for secure web applications. “The sooner the better, but never too late,” doing threat modeling helps identify and understand threats...
by Richard Barrus | Jul 3, 2020 | Application Security
Reading Time: 3 minutes
If your organization builds, buys or uses web applications, you’ve probably heard of the Open Web Application Security Project (OWASP) and its Application Security Verification Standard (ASVS). Now at Version 4, the ASVS is a big...
by Richard Barrus | Jul 2, 2020 | Application Security
Reading Time: 2 minutes
The Application Security Verification Standard (ASVS) Version 4 from the Open Web Application Security Project (OWASP) is among the most comprehensive and practical guidance available for organizations looking to build or buy secure...
by John Verry | Jul 1, 2020 | Application Security
Reading Time: 2 minutes
70% of applications have open source security flaws, according to recent Veracode research. Virtually all applications developed are built using some open source components. As Chris Eng, Chief Research Officer at Veracode, notes,...
by Richard Barrus | Sep 6, 2019 | Penetration Testing
Reading Time: 2 minutes
If you’re involved in web application security, you’ve probably heard of the Open Web Application Security Project (OWASP) and its popular Top 10 list of vulnerabilities. But you may not be as familiar with a parallel effort that in...
