The emphasis on securing applications in development has not resulted in the reduction of breaches that was once expected.
You need to deliver new applications and API’s, fast. Unfortunately, this “need for speed” can lead to vulnerabilities in software code.
Securing today’s applications is no easy task. Should you use DAST or SAST to secure your applications?
API security testing is a critical – yet often missed – step when adopting a blueprint for API Governance.
Our research shows that the most successful AppSec programs take a very structured and layered approach.
“The new normal.” “Unprecedented times.” “Unforeseen conditions.” However you describe it, there is no question – things are different.
Hear from veteran cybersecurity leader-practitioners about evolving “vendor relationships” into “strategic partner alliances” to succeed at scale.
The end of the year is quickly approaching and it’s time to schedule your service check.
To learn how the current business climate has affected organizations like yours and what lessons and best practices we can take away from these breaches.
Women make up only 24% of the security workforce. While this number has increased over the last three years, we are still not where we should be.
Applications drive our global economy, and surprisingly, many lack the protections needed to keep critical data safe and secure.
Digital transformation has morphed from a competitive advantage to a necessity for business survival.
While formulating your race strategy to stay secure in 2021 and beyond, your security team must be running at optimal performance as they work with your development teams to ensure vulnerabilities are identified.
As part of the Payment Services Directive 2 (PSD2), the European regulation for electronic payment services seeks to make payments more secure in Europe, boost innovation and help banking services adapt to new technologies.
For years, businesses have developed applications to meet customer, partner, and vendor needs, and for years, attackers have taken advantage of application flaws to compromise organizations and put their customers at risk.
Finely-tuned DevOps provides many benefits to an enterprise, including speed of development, improved deployment frequency, lower failure rates of new releases, and faster times to market.
APIs expose application logic and sensitive data such as Personally Identifiable Information (PII), APIs have increasingly become a target for attackers leading to many serious data breaches in recent past.
Speed to market has been everything in the software development world. But over time we’ve discovered that speed alone cannot remain the end all be all. Security must become part of the software development.
U.S. election security is a top national interest. All national, state, and local election organizations are under immense pressure to secure their voting systems.
This presentation covers characteristics found in functionalities that are commonly susceptible to SSRF attacks.
Attend this webinar to learn how to prevent mobile app security intrusions and address data privacy challenges.
APIs are doors into your data and applications, so pausing to include security is just as important as securing web applications.
Join NTT Application Security’s Chief Scientist, Eric Sheridan, as he discusses the DevSecOps framework from development, build, to deployment.
We look at crucial application security data to derive conclusions, identify trends, and highlight what’s working and what’s not when it comes to DevSecOps and secure application delivery.
Dispel DevSecOps myths, such as: omnipotence of the shift-to-the-left, all-powerful automation, and preeminence of the culture.
New threats emerge as the landscape of the cloud application evolves from more traditional environments.
The Twelve Factor App captured a methodology that developers can apply to build software-as-a-service apps that are both scalable and maintainable in a DevOps world.
Join Joseph Feiman, Chief Strategy Officer at NTT Application Security, and guest speaker Amy DeMartine from Forrester, for a dive into the market trends for Software Composition Analysis.
Join us to understand what happens when someone logs into a web application. Mike King, Technical Escalations Engineer for NTT Application Security, will guide you through common access scenarios and vulnerabilities.
Join Mark Rogan, DAST Manager from the NTT Application Security Service Delivery, as he discusses the top vulnerabilities and gives valuable prevention tips for enterprises to implement.
The journey to a microservices architecture generally involves the decomposition of an already existing monolithic application, wherein previous security assumptions and considerations are often questioned and sometimes invalidated.
The new year brings fundamental changes to the application security battleground – and with them, new questions that organizations must answer.
It is challenging to keep up with the number and prevalence of vulnerabilities. Many frequently download third-party components that contain critical vulnerabilities, which can lead to serious exploits and attacks.
The Path Traversal attack technique (also known as Directory Transversal) allows an attacker to access files, directories, and commands that reside outside the root directory.
Cross-site scripting (XSS) is one of the most common web vulnerabilities that can lead to phishing attacks, website defacement, session hijacking, and installation of malware on a victim’s computer.
SQL injection attacks enable attackers to tamper with, delete or steal sensitive data from corporate databases. We will discuss SQL injection attacks and how to best defend against them.
Mobile app development has become an assembly game where almost anyone can build an app. For more sophisticated apps built by mobile developers using native languages like Java and SWIFT.
This year NTT Application Security has partnered with strategic partners Coalfire and NowSecure on the 2018 Application Security Statistics Report and analyzed data from more than 20,000 applications to provide a true state of application security report.
Traditional software development processes involve relatively large teams working on a single, monolithic deployment artifact. A microservices architecture, on the other hand, provides a different approach to software development.