Looking ahead around observability

Observability and security – where are the crossover points?

Gartner has predicted more than 75 percent of global organizations will be running containerised applications in production by 2022. With so many more moving parts to look at, developers have to automate how they gather data on their infrastructure components, while security teams have to understand the new models for applications too.

Building trust

Culture is the secret sauce for ethical data management

Data privacy regulations are relatively new and not well understood within an organization. With that context, the way organizations should approach data privacy isn’t only about compliance with regulations; it’s also the right thing to do to build trust with their customers. How do you introduce privacy and trust as part of your culture?

Accelerate your security efforts

Addressing software security for financial services in 2021

While financial services organisations have historically been strong when it comes to employing application security testing tools, more can be done to accelerate efforts and make these continuous. So what specific steps can be taken by companies in this space to address security in the software they create for the remainder of 2021, and how will this benefit them long term?

Interview with Jeff Williams, CTO and Co-founder at Contrast Security

“Observability is critical to security”

Jeff Williams, CTO and Co-founder at Contrast Security, spoke to us about the newest State of Application Security in Financial Services Report. Read his insights on the importance of observability, how false positives affect security, and the best practices we should all take.

Improve your security know-how

4 Common Software Security Development Issues & How to Fix Them

As software has become the backbone of modern business, cyberattacks have become an ever-present threat, making application security a critical necessity to ensure business continuity. This article examines four commonly found software security development issues and how to address them.

Interview with Kevin Bocek, Venafi

“The impact of poor machine identity management can be devastating”

Kevin Bocek discussed security with us, including the impact of a successful software supply chain attack, what security best practices we should all follow, and the difference between human and machine identity. Kevin shares his knowledge from over 16 years of experience in IT security.

Achieving high-level security

Enhance your secrets management strategy with Puppet + HashiCorp Vault

Securing sensitive data (called “secrets”) — such as passwords, machine credentials, and API keys — is not always simple to manage manually, especially at an enterprise scale. This article explores the importance of secrets management, and how Puppet and HashiCorp Vault adds an extra layer of protection as you continue to build out your cybersecurity strategy.

Interview with Steve Wilson, Chief Product Officer at Contrast Security

“Contrast Scan revolutionizes static application security testing”

Contrast Security announced Contrast Scan, a new tool that will help teams improve team’s security by quickly finding and identifying vulnerabilities and insecure code. We spoke with Steve Wilson, Chief Product Officer at Contrast Security about the release and security best practices.

Reflections from industry experts

Tech experts discuss the three-year anniversary of GDPR

It’s been three years since the GDPR was enforced. Compliance with the EU data privacy regulation remains an ongoing challenge for organisations as do raising cyber security expectations and threats. Industry experts in the technology and software space share their reflections.

Traditional app security vs. cloud-native

Evaluating application security in the age of cloud-native

As digital transformation efforts advance and cloud-native becomes more popular, the role of application security within cloud-native architectures needs to become a priority. So, when looking at how to best secure these complex, cloud-native applications, where should development teams start?