
DevelopSec

secure development

September 5, 2023 by James Jardine

How critical is your app in your customer’s process?

Everyone has heard of the Colonial Pipeline attack that happened a while back. The company that provides fuel across the East Coast shut down that fuel supply due to ransomware on their systems. This sparked a huge push for ICS security. It got a lot of people talking about critical infrastructure and how the world will end with a single cyber attack. I don't disagree that these systems are at risk or that they shouldn't be secured. This is something that we should be focusing on in general to … [Read more...] about How critical is your app in your customer’s process?

Filed Under: General Tagged With: app sec, AppSec, ics, sdlc, secure development, security, security context

August 29, 2023 by James Jardine

3 Tips to get your secure development program started

The hardest part of anything we do is typically just actually starting it. How many things have you thought about doing, but were not sure on how to proceed? What is that first step? We know we have to do something, but what? This is no different when we think about application security and a secure development program. We have to start it. It is absolutely a necessity for any development program. So what should we do? It is important to understand that security doesn't happen overnight. There … [Read more...] about 3 Tips to get your secure development program started

Filed Under: General Tagged With: app sec, application security program, secure code, secure development, secure development program, security

August 15, 2023 by James Jardine

Client vs. Server Validation

How many times have we thrown a vulnerability over to the development team assuming they understand what the issue is? How many times have we sat with the development team to show them what we do? This isn't a point of showing how to attack to build up the next generation of security people. Instead, it is focused on showing the development team how an attacker looks at their application so they better understand the issue identified. Let's walk through a really simple scenario. You have an … [Read more...] about Client vs. Server Validation

Filed Under: General Tagged With: app sec, app testing, AppSec, sdlc, secure application, secure development, security, security testing

June 27, 2023 by James Jardine

Technical Debt vs. New Dev

When it comes to application vulnerabilities, there are 2 common groups we might view them in: Technical Debt and New Development. I break these down because the way in which we address vulnerabilities is fundamentally different. Something that might not be exploitable receives a very low priority when it is technical debt. However, during new development, it can be addressed with little cost. Much of this comes down to whether something is syntactically insecure vs. actually vulnerable. Let’s look at … [Read more...] about Technical Debt vs. New Dev

Filed Under: General Tagged With: application security, AppSec, developer training, secure development, security, training

January 31, 2023 by James Jardine

Ep. 120: Addressing Root Cause – Vulnerable Components

In this episode we talk about addressing the root cause of an issue versus the symptoms. How can the process of keeping application components updated be improved? For more info go to https://www.developsec.com or follow us on twitter (@developsec). DevelopSec provides application security consulting and training to add value to your application security program. Contact us today to see how we can help. Transcript: In this episode, James talks about root cause analysis versus treating … [Read more...] about Ep. 120: Addressing Root Cause – Vulnerable Components

Filed Under: Podcast Tagged With: application security, application security program, developsec, secure development, security, vulnerable components

January 19, 2023 by James Jardine

Ep. 119: Risks of SpellCheck

In this episode we talk about the spell check feature of the browser and how it could present a risk to sensitive data. Listen to the Episode: Link to article referenced: https://www.darkreading.com/application-security/spellchecking-google-chrome-microsoft-edge-browsers-leaks-passwords For more info go to https://www.developsec.com or follow us on twitter (@developsec). … [Read more...] about Ep. 119: Risks of SpellCheck

Filed Under: Podcast Tagged With: app sec, developsec, secure coding, secure development, security
