Tag: DAST
Security Across the SDLC
Don Macvittie | | AAS, API security, CSPM, DAST, DDos, development security, devops, DLP, IAST, RASP, SAST, WAAP
Don MacVittie believes we've made progress integrating security across the SDLC, but there's still a ways to go ...
2024: The Year of Testing
Don Macvittie | | application quality, application security, DAST, functional, integration, SAST, sdlc, TDD, testing
Now that AI has made advanced automation a fact, it is time to consider implementing the level of testing we always knew we should have ...
Veracode Extends DAST Reach Left Toward Developers
Mike Vizard | | app testing, continuous testing, DAST, Dynamic Application Security Testing, Veracode
Veracode launched a version of its automated DAST tool, dubbed DAST Essentials, that is embedded within an IDE ...
Shift Left With DAST: Dynamic Testing in the CI/CD Pipeline
By focusing on application security like an attacker would, DAST can discover potential security threats that static testing methods might miss ...
The Security Pipeline
Don Macvittie | | agile, container image scanning, DAST, devsecops, IAST, SAST, SBoM, SCA, security, security integration
Over the last few years, the ability to secure our applications has grown, and deep integration into the DevOps toolchain has, too. There are more tools doing more security checks protecting more ...
Synopsys Preps Extensions to Polaris SaaS Platform
Synopsys plans to extend the capabilities of its Polaris Software Integrity Platform for securing application development environments by adding dynamic application security testing (DAST) tools along with the ability to scan code ...
Addressing Software Supply Chain Security
Tomislav Pericin | | DAST, SAST, SCA, Software Supply Chain, software supply chain attacks, Software Supply Chain Security
It’s essential for organizations to learn more about the software supply chains they rely on and the steps needed to secure them. In just the past few years, we have seen a ...
Update to Open Source ZAP Tool Improves DAST Performance
An update to the OWASP Zed Attack Proxy (ZAP) open source dynamic application security testing (DAST) tool made available today improves performance by employing a multi-threaded passive scanner engine. Version 2.12.0 of ...
Turning Off DevSecOps Noise for Functional Fidelity
Analyzing the DevOps and DevSecOps software marketplace demonstrates the high demand for tools and platforms that reduce false positives. As businesses and organizations adopt a rigorous, disciplined software development life cycle and ...
Quick! Define DevSecOps: Let’s Call it Development Security
For a good long while, DevSecOps referred specifically to vendors like Veracode that did static application security scanning, dynamic application security scanning, software composition analysis and some form of runtime monitoring (usually ...
Synopsys Sets Course After Agreeing to Acquire WhiteHat Security
Synopsys, Inc. plans to add dynamic application security testing (DAST) tools to its software-as-a-service (SaaS) platform in the wake of agreeing to acquire WhiteHat Security from NTT Security Corp. for approximately $330 ...
Securing Software with Intelligent Pipelines
One of the biggest cybersecurity risks involves vulnerabilities in the application layer. After all, the best firewall is useless if the web application itself is vulnerable. Many companies have worked to mitigate these ...
