DevSecOps

The CSO guide to top security conferences

Tracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.

By CSO Staff

Nov 03, 20239 mins

Technology IndustryIT SkillsEvents

Poor software quality can cost time and money, straightforward solutions are available

By Taylor Armerding, Security Advocate at Synopsys Software Integrity Group

Mar 13, 20234 mins

DevopsSoftware Development

Software risk is business risk--now is the time for C-Suite to act

By Jason Schmitt, General Manager, Synopsys Software Integrity Group

Mar 13, 20234 mins

DevopsSoftware Development

Articles

3 DevSecOps success stories

Learn how three very different companies — Microsoft, Verizon and the Pokemon Company — got their development and security teams to work together smoothly.

By Michael Nadeau and Dan Swinhoe

Sep 26, 2019 10 mins

Application SecuritySecuritySoftware Development

Verizon builds a DevSecOps culture with its developer dashboard

Verizon's developer dashboard not only records how vulnerabilities are introduced and by whom, but provides indicators as to why. The goal isn't to name and shame, but to instill a secure-by-design mindset.

By Dan Swinhoe

Feb 26, 2019 8 mins

Application SecuritySecuritySoftware Development

The ethics of creating secure software

The permeation of software into every aspect of our lives makes it impossible to avoid. Software has transcended from a technical process into the realm of social morality. Therefore, the consequences are on a massive scale across the whole of society. Security of that software is not a technical question, but a moral one, and companies need to treat it that way.

By Chris Wysopal

Sep 07, 2018 5 mins

Enterprise ApplicationsSecuritySoftware Development

Secrets of ‘shift left’ success

The shift left movement is about bringing security into the software development cycle earlier through DevSecOps and other changes, yielding more secure software more quickly and at lower costs.

By Mary K. Pratt

Aug 28, 2018 8 mins

Application SecurityDevopsSecurity

Software products aren't cookies

Understanding the security of third-party components.

By Steve Lipner

Aug 20, 2018 5 mins

VulnerabilitiesSecuritySoftware Development

5 tips for getting started with DevSecOps

Don't be fooled, integrating security into the DevOps process is a big project. But the payoff is worth the effort. Here's what you need to know to get started building DevSecOps from the ground up.

By Scot Finnie

Jul 17, 2018 9 mins

Application SecuritySoftware Development

Do you fully trust Microsoft with GitHub?

With Microsoft acquiring GitHub, users have to decide if they will leave their repositories on GitHub or move backup copies to GitLab.

By Ms. Smith

Jun 05, 2018 4 mins

GitHubMicrosoftOpen Source

Conway’s Law: does your organization's structure make software security even harder?

Why secure development programs succeed in organizations.

By Steve Lipner

May 07, 2018 5 mins

Patch Management SoftwareSecuritySoftware Development

How lean development improved software security at Fannie Mae

Continual improvement methodologies strengthen security, shorten dev cycles and help the c-suite see infosec’s value.

By Terena Bell

Apr 25, 2018 6 mins

Application SecurityData and Information SecurityDevops

Open source software security challenges persist

Using open source components saves developers time and companies money. In other words, it's here to stay. Here's a look at what it will take to improve open source security.

By Maria Korolov

Apr 02, 2018 10 mins

Internet SecurityApplication SecurityVulnerabilities

How Contrast Security protects applications from the inside out

Contrast Security has one of the most elegant solutions out there for application security. We can see why it scored 100 percent on the OWASP Security Benchmark.

By John Breeden

Feb 21, 2018 7 mins

Application SecurityEnterprise ApplicationsSecurity