With attackers continuing to hammer weaknesses in software, organizations must prioritize application security more than ever, says Ian Ashworth of Synopsys. Thankfully, developers and middle management - bolstered by agile methodologies and DevOps - are increasingly leading the charge.
Visibility, or a lack thereof, continues to challenge organizations as they attempt to protect their businesses by knowing which systems, applications and data they have, says AlgoSec's Jeffrey Starr. He discusses how centralized visibility, control and automation can help.
As organizations pursue digital transformation initiatives backed by new application deployment techniques, they must ensure that security, operations and development teams fully coordinate, says Marco Rottigni of Qualys.
The annual Infosecurity Europe conference this year returned to London. Here are visual highlights from the event, which featured over 240 sessions and more than 400 exhibitors, 19,500 attendees and keynotes covering data breaches, darknets, new regulations and more.
Migrating from on-premises data security to the cloud and then embedding security in the application development process are common challenges for enterprises. Dan Fitzgerald, a CISO at the consultancy McKinsey & Co., shares insights on how to make these transitions.
When a healthcare provider develops its own applications that handle patient data, it must take critical steps to safeguard protected health information and ensure HIPAA compliance, says privacy attorney Adam Greene.
The latest edition of the ISMG Security Report offers an in-depth look at the ever-changing ransomware threat. Other topics: filling the DevSecOps skills gap and the repercussions of Australia's encryption-busting law.
Many large organizations are app developers, and individuals are increasingly using apps to access computing resources. But the age-old problem of code not being reviewed for flaws at every stage of testing and production continues, warns Joseph Feiman of WhiteHat Security.
F5 Networks is a vendor of application security solutions, but its DevSecOps professionals also have the need for actionable threat intelligence, says Preston Hogue, who discusses the advent of new solutions.