Despite the advances in technology, there’s still a very human element to whether a company embraces security practices. This article examines the impact that organizational culture has on a company's ability to adopt a security-driven mindset and offers some pragmatic tips on overcoming oft-encountered challenges.
Software tools that empower employees to create and automate workflows should be easy to use. Plain and simple: They are not programming utilities. And they should not look like programming utilities.
Citizen development – when non-programmers create useful software solutions – is excellent for driving business productivity.It lets employees that own business problems to own – and build – business solutions. Unlike with software written by a company’s IT developers or outside contractors, citizen development involves a minimum of red tape and funding, gets directly to the heart of what the employee was trying to accomplish, and can make lots of people happy. If it’s done right.
It happens all the time: Employees, departments or even third-party entities request access to business applications so they can perform important tasks. How much access should they be granted - and to which systems and data. Expert Mike Fitzmaurice sheds some light on enterprise application workflow best practices.
2016 saw a record setting number of cyberattacks, resulting in the most records stolen in the seventeen years that breaches have been tracked. When you can’t secure the network any longer, what do you do? Shifting to a runtime protection approach will require a bit of retooling, but the end-result will be—finally—slowing the attacks that threaten every organization, every day.
After attending AppSec California this past January, Arleena Faith learned some interesting lessons that she wanted to share with other Software Developers and professionals in the Software Security field. The topics included in this Experts Corner range from insights on scaling a Software Security Initiative to automating Security Testing within the pipeline.
There is an overarching theme driving these security breaches: ineffective adherence to secure design principles. Expert Ted Harrington explores the world of secure design principles (and anti-principles) as a means to build resilient systems.
Would you feel comfortable hiring a hacker? Caroline Wong, CISSP and VP of Security Strategy at Cobalt, discusses the benefits and risks to using the power of the people – crowdsourced application security programs – at this OWASP AppSec session.
At this year’s AppSec California conference – a yearly event for InfoSec professionals, developers, pentesters, and QA and testing professionals – the Women in Security panel was among the most highly attended, a very clear indication that this topic resonates strongly with both women and men.
Good Bots. Bad Bots. Can you tell those apart from the ‘normal’ traffic generated by the humans using your network? Sean Martin works with the team at Distil Networks to identify 10 ways to spot bad bots on your network?
At this point, it should seem clear we are losing the cyber war. Digital security is getting worse because of lock-in. So how is this impacting our security posture? Jamison Utter explains.
Many are lured by the fascinating and lucrative field of cybersecurity, but the prerequisites for entry-level positions are often daunting. Learn from expert Mikhael Felker how to gain experience that will position you for a successful career in InfoSec.
When it comes to the creation of this market, it all boils down to supply and demand. Jeremiah Grossman is nudging the supply along - letting people get a taste of it - and hopefully the market will soon start demanding it. In this article, Sean Martin explores the cyber guarantee portion of the topic and the ability to create a new market from scratch.