Choosing the right Application Security Testing Service Provider is not always an easy task. By asking the right questions and knowing what answers to look for, you can conduct the thorough evaluation of the various vendors available in the market a
All Posts (2717)
Sort by
There is a plethora of web application scanner; every one of which claims to be better than the other. It is indeed a challenge to differentiate between them. We need to benchmark the application scanner against hard facts and not marketing claims.
From our experience of helping organisations in building their ‘Vulnerability Management’ program, we feel that one of the major challenge the security manager/management faces does not always know the reality on the grounds. Obviously, the manageme
Bug bounty programs are quite common these days with several of the biggest names in the industry have launched various avatars of the program. I have been asked by a few security managers and managements about should they launch a bug bounty progra
Formal Modeling and Automation is one of the things I love. I try to model everything and sometimes modeling helps and sometime it lands me in trouble. It helped me when I tried to model Penetration Testing and worked with my co-founder to design ou
RSA conference is one of the leading security conference worldwide. It creates a tremendous opportunity for vendors, users and practitioners to innovate, educate and discuss around the current security landscape.
Email security gateways prevent mal
RSA conference is one of the leading security conference worldwide. It creates a tremendous opportunity for vendors, users and practitioners to innovate, educate and discuss around the current security landscape.
Threat Intelligence Program is a
The AppSec How -To:
Visualizing and Effectively Remediating Your Vulnerabilities: The biggest challenge when working with Source Code Analysis (SCA) tools is how to effectively prioritize and fix the numerous results. Developers are quickly overwhel
Over the past decade, E-Commerce applications have grown both in terms of numbers and complexity. Currently, E-Commerce application are going forward becoming more personalized, more mobile friendly and rich in functionality. Complicated recommendat
Following are the top 5 Application Security Technology Trends:
1. Run Time Application Security Protection (RASP)
Today applications mostly rely on external protection like IPS (Intrusion Prevention Systems), WAF (Web Application Firewall)etc an
Over the last few years, our On-Demand and Hybrid Penetration Testing platform has performed security testing of applications across various verticals and domains including Banking, e-commerce, Manufacturing, Enterprise Applications, Gaming and so
Explore in-depth Use Cases of Next-Gen Security Information and Event Management (SIEM) – Part 1 of 3 series.
What will you learn:
- Tools and techniques – understanding the taxonomy
- Top use cases for the SOC
- Attack surfaces
- Insider threat
- Credentia
Static Code Analysis: Binary vs. Source
Static Code Analysis is the technique of automatically analyzing the application’s source and binary code to find security vulnerabilities. According to Gartner’s 2011 Magic Quadrant for Static Application Secu
- Looking for Top Emerging Companies in the Cyber Security Industry? FireCompass presents 50 Emerging Cyber Security Vendors to look out for in 2018. We don’t claim this is exhaustive list because there might be a possibility that we might have misse
Application Security has emerged over years both as a market as well as a technology. Some of the key drivers had been the explosion in the number of applications (web and mobile), attacks moving to the application layer and the compliance needs.
Fo
- Cyber risks have evolved significantly over the last couple of years across industry sectors. Cybersecurity is a matter of growing concern as cyber-attacks cause loss of income, sensitive information leaks, and even vital infrastru
- Explore in-depth Use Cases of Next-Gen Security Information and Event Management (SIEM) – Part 2 of 3 series.
What will you learn:
- Tools and techniques – understanding the taxonomy
- Top use cases for the SOC
- Attack surfaces
- Insider threat
- Credent
Most organizations are using multiple cloud applications daily (by some estimates 100+). These applications need to be closely monitored based on the risk they pose and the purpose they serve. Here are some key security metrics which can help you mo
While the proliferation of the BYOD trend has been bonus for businesses in terms of cost savings to productivity gains. But for IT departments, security and compliance is a headache as they scramble to catch with the mobility requirements of workfor
This blog will provide information about SAST or Static Application Security Testing and DAST or Dynamic Application Security Testing. And also answer the common question of SAST vs DAST.
What is SAST?
SAST or Static Application Security Testing is
Join The Community Discussion
CISO Platform
A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.
Join CISO Community Share Your Knowledge (Post A Blog)
