Speed to market has been everything in the software development world. But over time we’ve discovered that speed alone cannot remain the end all be all. The majority of data breaches have to do with web application security vulnerabilities; and therefore, security must become part of the software development equation.

There is no 100 percent secure, completely flawless computer program, yet security practices are often an after thought in programming. But even with the best security practices 'baked into' the software life cycle (SLC), there is still the possibility of a zero-day vulnerability existing in the code.

As Vulnerability Management systems move from CVSS v2 to v3, WhiteHat scoring keeps up.

Testing Single Page Applications for Broken Access Control Policies

As you’ve probably read, there is a serious vulnerability in the WPA2-PSK protocol that almost all WiFi traffic uses. This vulnerability is being called ‘KRACK’, which stands for Key Reinstallation Attack.

WhiteHat Scout is a fully automated static analysis product to develop secure software from the start for successful DevOps implementations.

In this article, I’m going to help you interpret how the different parts of this cybersecurity regulation touch on AppSec – that is, your websites, your mobile applications, your internal payment systems and networked third-party services.

The WhiteHat Sentinel Application Programming Interface (API) can help you out. Whether you’re looking to bring information into your own ticketing system, a SIEM, a new set of developer tools, or even a home-grown environment, we hope you’ll find pointers to the documentation which will help make it easy.

Every step has led me to where I am today, leading the Sales Engineering organization for WhiteHat Security. It’s a great opportunity to help my team demonstrate to organizations how application security works in a hands-on demonstration, and how to architect their AST solutions. But how did I get here?