Build a holistic AppSec program

Thursday, July 21, 2022

What does it mean to build a holistic AppSec program? Learn what’s involved in a holistic approach and how to get started. Digital technology is the centerpiece of modern life today. All around us, technology is transforming business operations from end-to-end, from digital-first businesses to those simply updating existing processes. According to Gartner, 65% of executives …

Synopsys Named a Leader in the 2022 Gartner Magic Quadrant for Application Security Testing for the Sixth Year

Monday, April 25, 2022

In the 2022 Gartner® Magic QuadrantTM for Application Security Testing, Synopsys placed highest and farthest right for the fourth consecutive year for our Ability to Execute and our Completeness of Vision. What does it take to be a leader? Leadership is a funny thing. It’s often difficult to define in the abstract but easy to …

How Can Banks Innovate Without Compromising Security?

Thursday, July 29, 2021

Digital banking security is a competitive space – especially since the rise of challenger banks. But how can exciting and innovative services be built and deployed without running the risk of data breaches and other security compromises? Challenger banks are driving service innovation Challenger banks like Monzo, Revolut, and Starling emerged partly in response to …

python and application security

Real-World Python Application Security Scanning With ThunderScan SAST

Thursday, April 22, 2021

1. How popular Python really is? Python programming language is becoming increasingly popular in application development and it is easy to see why. Python is simple, clean, and very powerful, therefore no surprise it is used in variety of use cases – ranging from simple and handy Python scripts, but also used effectively in very …

WebStrike SAST tool from DefenseCode

Identifying Client-Side JavaScript Security Vulnerabilities in SAPUI5 Applications Using SAST

Thursday, March 25, 2021

1. JavaScript Client-Side Frameworks These days you can find various popular JavaScript frameworks for creating interactive, eye catching and responsive frontends and user interfaces for your applications. Some of the most popular JavaScript frontend frameworks include Angular, React, Vue.js. Security controls implemented in these frameworks can vary significantly from framework to framework. As frameworks mature, …

Kiuwan web application security blueprint

Create a Web Application Security Blueprint

Monday, January 04, 2021

The best way to make web applications secure is to include security at every step along the development process, from requirements analysis, to design, to implementation and testing, and into maintenance and update phases. To that end, it’s wise to consider a kind of “security blueprint” as part and parcel of how you work through …

lexington soft defensecode partnership

Lexington Soft Partners With DefenseCode to Bridge the Gap Between Security and DevOps

Thursday, October 22, 2020

Chennai, Tamil Nadu, India:  Lexington Soft Pvt. Ltd., has been appointed as a best-in-class enterprise software products and software development tools, to represent DefenseCode across South East Asia. DefenseCode offers two licensed solutions: Its flagship product, ThunderScan® is a SAST (Static Application Security Testing, WhiteBox Testing) solution for performing deep and extensive security analysis of …

communicating with customers about a security breach

Communicating with Customers in the Event of a Breach

Thursday, October 15, 2020

There are three phases of defending against cyber attacks: putting in place sufficient protections and robust authentication mechanisms to try and prevent attacks; appropriately defending against an active attack once it is discovered, and communicating accurately and effectively to customers and shareholders: What happened Why it happened What it means Let’s examine a major retailer’s …

DefenseCode GitHub integration

DefenseCode announces GitHub Action to provide SAST solution for developers

Thursday, October 08, 2020

DefenseCode Group is proud to announce that DefenseCode’s Static Application Security Testing (SAST) ThunderScan® solution is now available as a GitHub Action, offering security vulnerability analysis across 30+ languages providing detailed vulnerability reports integrated into GitHub. GitHub is a developer collaboration platform and home to more than 50 million users, 3 million organizations, and over 100 …

Codesonar update

Latest Version of CodeSonar Improves on C++ Analysis, MISRA Support; Introduces Subcommands for DevSecOps and More

Thursday, September 17, 2020

The latest version of GrammaTech CodeSonar, Version 5.4, continues our commitment to being the go-to provider for static application security testing (SAST) and the static analysis tool of choice for improving software safety, security and quality. This release has several new features as well as compatibility updates, and other improvements. This release has several new features …