Building a Do-It-Yourself Defect Discovery Practice
With the exception of a few vendors and their heavily invested customers, many agree that application security’s era of “big box” defect discovery tools is over.
The OpenSSL project has announced that a critical severity vulnerability exists in versions 3.0.x of the project. The fix will be released in version 3.0.7, expected November 1, 2022.
When SARIF became a de facto standard for security tool output, supported by commercial and OSS tools alike, development and security practitioners rejoiced.
Cybersecurity is hard. Companies stacked with security talent, and with no shortage of cybersecurity budget, get breached. Every. Year.