Today's top stories

9 top SAST and DAST tools

These static application security testing and dynamic application security testing tools can help developers spot code errors and vulnerabilities quicker.

Deploying a secure application has become just as important to most organizations as whatever core function the app will be conducting. An application that works fine but exposes an organization to a potential exploit is just as much a failure as an app that doesn’t function properly.

Back when the world moved at a slower pace, applications would be coded by developers. These applications would then be placed into a production environment by an operations team that was also typically in charge of security. If the operations team found a security flaw or vulnerability, the app would be sent back to the developers to fix. This was a time-consuming process that exposed organizations to a lot of risk by deploying vulnerable programs into their production environment.

The DevOps movement was spawned from this chaos, where developers and operations teams started working together to fix vulnerabilities before apps were deployed. Even then, there was not enough of an emphasis on cybersecurity. The development process for apps needed a dedicated security team that was separate from operations but able to work hand in hand with them as well as the developers.

This new focus on security is so popular today that most DevOps efforts have evolved into DevSecOps programs where development, security and operations work together to create and deploy secure apps.

To continue reading this article register now

Get the best of CSO ... delivered. Sign up for our FREE email newsletters!