A CIO's Voice

NOVEMBER 2, 2010

Application Management. GOAL – Ensure company retention of high potential employees and recruit new, high caliber employees. Application Management. Various business critical applications. GOAL – Application is the latest version. Application development to support business goals. People Management.

Training 107

Training Budget Meeting Policies 107

ForAllSecure

SEPTEMBER 2, 2021

I recently spoke to Gartner on the addition of fuzz testing to their Critical Capabilities for the Application Security Testing Magic Quadrant. In that conversation, one analyst shared that companies that implement fuzz testing programs never rip them out. It makes sense because they’re a product company. This is key.

SDLC 52

SDLC Programming Applications Security 52

Dataconomy

APRIL 5, 2024

This is because young companies tend to have a more flexible and innovative approach. In addition, UX/UI designers can create frames and prototypes that show how the application’s user interface will respond to interaction, thereby determining the feasibility of the prototype functionality before moving on to implementation.

Software Development 78

Software Development Software Software Development 78

SecureWorld News

AUGUST 7, 2023

Why should AI get a pass on S (Secure) SDLC methodologies? Despite the active contributions of SDLC methodologies over the past 20 years—such as Waterfall, Agile, V-shaped, Spiral, Big Bang, and others—there remains a lack of security-by-design for integration into AI developments such as ChatGPT, DALL-E, and Google's Bard.

Development 98

Development SDLC Security Tools 98

Cloud Musings

DECEMBER 19, 2016

Companies that are leveraging cloud today must also prepare for the cognitive computing era. This blend of cloud and cognitive has, in fact, created a brand new application development model. Developing cognitive applications to run on mobile devices has provided new insights which help organizations create totally new revenue streams.

Cloud 70

Cloud IBM SDLC Analysis 70

ForAllSecure

SEPTEMBER 9, 2021

Director of Microsoft Research NExT Special Projects, echoed this sentiment: “Fuzzing seems like black magic and it just seems impossible to bring into [a] company. It truly is the future of application security. The advent of CI/CD, DevOps, and Digital Transformation has rendered application security testing 1.0

SDLC 52

SDLC Applications Security Analysis 52

ForAllSecure

JULY 13, 2021

The acceleration of application development has shown no sign of stopping. Increasingly complex applications are calling for the need to anticipate, detect, and respond to new threats. In 2019, Satya Nadella, CEO of Microsoft, software company. As a result, we’re seeing increasingly complex, interconnected software.

Security 52

Security SDLC Software Software 52

Future of CIO

DECEMBER 20, 2012

Holiday season actually stimulates creativity, and spurs optimism; from one of IT performance debates: “good cheap, fast for enterprise application development, which two should CIO pick?”,--many commentators set positive tunes and think it possible to have them all. Let vendors compete hard to get the contract.

SDLC 45

SDLC Agile Architecture Applications 45

ForAllSecure

FEBRUARY 2, 2023

Finding an effective way to protect applications from malicious actors can be a daunting task. Running tests manually is time-consuming, and small teams may feel that they don’t have the time required to secure their applications. Fuzz testing has traditionally only been available to companies with large security budgets.

SDLC 40

SDLC Budget Applications Security 40

Future of CIO

OCTOBER 26, 2013

So a value chain is made up of one or more parts of business processes, a business process uses several information sources, these information sources are available through one or more applications, which on their turn runs on one or more servers, which are finally hooked on a network.

Architecture 40

Architecture Government Enterprise Enterprise 40

ForAllSecure

JANUARY 19, 2023

I realized it boils down to one thing, and it’s what all the highest performing companies are already doing: automating offense as part of your defensive security program. High performers like Google and the Microsoft SDLC do this by continuously fuzzing their software with their own customized system.

Security 40

Security SDLC Strategy Open Source 40

Future of CIO

JANUARY 13, 2013

Do they feel like they're part of the company? Inconsistent approach to processes and procedures and/or does not distinguish between a PMP and an SDLC. And the IT budgeting process at most companies still looks like the same old exercise in containing IT costs. Is there pride in their work? and it's driven by IT management.

Budget 45

Budget Agile Government SDLC 45

ForAllSecure

AUGUST 14, 2019

Colleges and universities are experiencing ERP issues and a minor wave of bogus student applications. Dave Bittner: [00:00:39] And now a word from our sponsor, ExtraHop, the enterprise cyber analytics company delivering security from the inside out. The second is the creation of fraudulent applications.

Security 52

Security Applications Development Financial 52

ForAllSecure

AUGUST 14, 2019

Colleges and universities are experiencing ERP issues and a minor wave of bogus student applications. Dave Bittner: [00:00:39] And now a word from our sponsor, ExtraHop, the enterprise cyber analytics company delivering security from the inside out. The second is the creation of fraudulent applications.

Security 40

Security Applications Development Financial 40

ForAllSecure

AUGUST 14, 2019

Colleges and universities are experiencing ERP issues and a minor wave of bogus student applications. Dave Bittner: [00:00:39] And now a word from our sponsor, ExtraHop, the enterprise cyber analytics company delivering security from the inside out. The second is the creation of fraudulent applications.

Security 40

Security Applications Development Financial 40

CIO Business Intelligence

AUGUST 26, 2024

In this worst-case scenario, a business immediately faces a lengthy list of clear-cut recovery expenses: Breach investigation: To understand the full scope of the compromise, you’ll need to launch a thorough forensic investigation spanning storage systems, networks, application code, etc. Lost productivity and frustration ensue.

Data 283

Data Engineering Security SDLC 283

ForAllSecure

OCTOBER 23, 2019

There is no guarantee that having the latest components that your application is secure against future threats. The application of SA is further complicated by the ever increasing size of code bases. These tools generally work on fully developed/deployed applications which fundamentally shifts them rightmost in the SDLC.

Software 52

Software Software Analysis Programming 52

ForAllSecure

MARCH 31, 2023

We'll explore how to integrate Mayhem into your testing workflow, best practices for using Mayhem, and real-world examples of how Mayhem has improved API testing for companies like yours. Explore real-world examples of how companies have used Mayhem to improve their API testing coverage and identify critical bugs.

Meeting 52

Meeting Automotive Open Source Devops 52

ForAllSecure

OCTOBER 23, 2019

There is no guarantee that having the latest components that your application is secure against future threats. The application of SA is further complicated by the ever increasing size of code bases. These tools generally work on fully developed/deployed applications which fundamentally shifts them rightmost in the SDLC.

Software 40

Software Software Analysis Programming 40

ForAllSecure

OCTOBER 23, 2019

There is no guarantee that having the latest components that your application is secure against future threats. The application of SA is further complicated by the ever increasing size of code bases. These tools generally work on fully developed/deployed applications which fundamentally shifts them rightmost in the SDLC.

Software 40

Software Software Analysis Programming 40