October 27, 2022
After two decades of raising awareness about the big problems in application security, the Open Web Application Security Project (OWASP) stands at a crossroads. Founder Mark Curphey outlines his manifesto for modernization.
October 26, 2022
Modern software supply chain security depends on getting your tools right, and focusing on the end-to-end software development lifecycle. Here's what you need to maintain your software development and release and stay secure.
September 15, 2022
Twitter’s former head of security, Peiter “Mudge” Zatko (pictured), has some damning things to say about the service’s DevOps security — or lack of it.
August 22, 2022
Exploring the “how” of CI/CD compromises, researchers show many of the culprits will be familiar to security teams.
June 14, 2022
Omer Gil and Daniel Krivelevich outlined the top 10 CI/CD security risks at RSA Conference, analyzing five recent breaches. Here's what you need to know.