
The Focus Has Shifted: Application Security is in the Limelight

Arpit Joshipura | May 24, 2016

I am pleased to report that after a period of calm, the media is now buzzing with great stories on application security. These stories give great insights, statistics and actionable guidance for CISOs and security executives.

Applications have taken on an important business role, acting as the heart of companies and generating millions of dollars in revenue. Until recently, however, application security was not a focus. Now we are excited to see an influx of media coverage around this extremely important topic. Here are a few of our favorites:


Topics: Application Security, DevOps, Vulnerability remediation, DevSecOps, SQLi, SQL Injections

Prevoty Turns Three Years Old and Gets a Web Lift

Julien Bellanger | May 9, 2016

Over the last three years, we went from brainstorming crazy ideas at a kitchen table to creating a new category for securing enterprise applications at runtime. We've captured our top 3 learnings in this blog post and have made some exciting new additions to our website.


Topics: Company News, RASP, Prevoty Technology, DevOps, Language Security, LANGSEC, Runtime Application Self-Protection, Vulnerability remediation, DevSecOps, Runtime Application Security

Why Security & DevOps Can’t Be Friends (Or Can They?)

Kunal Anand | Mar 16, 2016

Legacy applications are a brush fire waiting to happen. But retrofitting custom code built in the early 2000s is just a small part of the application security problem.

Security hasn’t changed much in the last 10 years. Companies still use pattern matching and pattern-based defenses, which aren’t enough to protect websites and company data from the bad guys. Hackers continuously find unique ways to create fuzzing techniques, or to use fuzzing to create new exploits; a lot of companies can’t run regular expressions, and most can’t use pattern matching to defeat that.

In order to protect against cross-site scripting (XSS) or SQL injection (SQLi), why not look at application security through the lens of a web browser or a database engine? What if there was a unique way to solve these problems instead of just solving them at the perimeter? Why don't companies protect from within the application, where they have access to contacts and important contextual information? Most say it's lag time or performance issues that inhibit this kind of solution. But I’m not so sure.


Topics: Application Security, Legacy Apps, DevOps, Language Security, xss, LANGSEC, Pattern matching, Cross-site Scripting, Runtime Application Self-Protection, Vulnerability remediation, Agile Security, fuzzing, DevSecOps, CVE Vulnerabilities, Runtime Application Security, SQL Injections, CSRF

Six Application Security Predictions for 2016

Arpit Joshipura | Jan 22, 2016

This post originally appeared on CSO Online.

2016 is upon us, and it is time to review what we think will happen in the fast-paced world of application security. Security is always evolving, just as attacks, hacks and vulnerabilities shift and as new technologies enter the landscape. Security must adapt in order to protect businesses, consumers and treasured data. Can today’s security practices achieve security assurances, rooted in sound computability theory? We believe so.


Topics: Application Security, RASP, Industry commentary, DevOps, Signatures

Building bridges in a fractured security ecosystem

Audrey Sunu | Dec 7, 2015

CSO Online contributing writer Kacy Zurkus recently interviewed Prevoty CEO Julien Bellanger for a news piece on contemporary approaches to securing legacy applications. Kacy's analysis uncovered an attack environment that is changing rapidly. The full article, which is cited below, originally appeared here


Topics: Application Security, Legacy Apps, Industry commentary, DevOps

Why DevOps Fails At Application Security

Julien Bellanger | Oct 15, 2015

In a recent survey of developers, nearly half of respondents admit to releasing applications with known vulnerabilities at least 80 percent of the time.


This post originally appeared on DarkReading.com

 


Topics: SSDLC, Application Security, DevOps
