Global AppSec San Francisco returns November 14-18 to the Hyatt Regency San Francisco. Designed for private and public sector infosec professionals, the two-day OWASP conferences equip developers, defenders, and advocates to build a more secure web.
With the exception of a few vendors and their heavily invested customers, many agree that application security’s era of “big box” defect discovery tools is over.
In a previous blog article, we described the modern software supply chain.
The OpenSSL project has announced that a critical severity vulnerability exists in versions 3.0.x of the project. The fix will be released in version 3.0.7, expected November 1, 2022.
When SARIF became a defacto standard for security tool output, supported by commercial and OSS tools alike, development and security practitioners alike rejoiced.
Cybersecurity is hard. Companies stacked with security talent, and no shortage of cybersecurity budgets get breached. Every. Year.