In my last article, I described how many in the application security community have been obsessed with “shifting left”—that is, moving application security testing earlier in the software development ...

A Q&A with Jason Schmitt, CEO of Black Duck, discussing how artificial intelligence (AI) and regulatory pressures are combining to usher in a new era of software development and security. Q: Why is ...

Key performance indicators (KPIs) can be used in application security testing to measure the effectiveness of security testing and provide insight into the security posture of an application. Their ...

Software security may finally be getting the attention it deserves as more countries institute necessary guidelines. But with threats increasing against the software supply chains, it is too soon to ...

From autonomous vulnerability remediation to real-time scrutiny of AI-generated code, AI is impacting security at every stage of the software development process. At Black Hat USA 2025 and DEF CON 33, ...

Product security teams are becoming more popular for the in-depth security approach they take when compared to appsec teams. But there is more to it, which includes creating a security-conscious ...

Biden's order targets Chinese-linked cyber threats, mandates secure software standards CISA to evaluate software attestations, failures potentially referred to attorney general Experts urge urgency, ...

Investment intended to drive growth at CodeSecure, which will retain the CodeSonar® and CodeSentry® product lines The application security testing market (AST) is fast-growing, projected to show an ...

BURLINGTON, Mass., Oct. 1, 2024 /PRNewswire/ -- The former Synopsys Software Integrity Group announced today that it has rebranded as Black Duck® Software, Inc. ("Black Duck"), a newly independent ...

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Dany Lepage discusses the architectural ...

The starting block of an Application Security initiative is to complete an inventory of all applications within the enterprise. Compile a spreadsheet of the number of applications, type of ...