Applications, Information and SDLC - Information Technology Zone

Reimagine application modernisation with the power of generative AI

CIO Business Intelligence

JANUARY 15, 2025

In a global economy where innovators increasingly win big, too many enterprises are stymied by legacy application systems. Modernising with GenAI Modernising the application stack is therefore critical and, increasingly, businesses see GenAI as the key to success. The solutionGenAIis also the beneficiary.

Applications

Applications SDLC Agile Enterprise

7 types of tech debt that could cripple your business

CIO Business Intelligence

MARCH 25, 2025

After all, a low-risk annoyance in a key application can become a sizable boulder when the app requires modernization to support a digital transformation initiative. Accenture reports that the top three sources of technical debt are enterprise applications, AI, and enterprise architecture.

Architecture

Architecture Devops Open Source Database Administration

Jeremiah Grossman: Focus on ransomware, SDLC, and endpoints

Network World

JULY 1, 2016

With so many elements in information security -- application, network infrastructure, the endpoint, perimeter defenses, and data-centric approaches -- it's easy to fall in the trap of touting one as more important than the other. That overlap is most evident with application and endpoint security.

SDLC

SDLC Fractional CTO Information Security CTO

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

Beyond DevSecOps: Why fintech companies need to consider DevSecRegOps

CIO Business Intelligence

OCTOBER 31, 2023

As a practice, DevSecOps is a way to engrain practices in your SDLC that ensures security becomes a shared responsibility throughout the IT lifecycle. Ideally, ensuring these compliance checklists trigger a failure close to the beginning of the SDLC ensures you don’t get to the end and realize you’re not compliant.

Company

Company SDLC Meeting Banking

Scaling security: How to build security into the entire development pipeline

CIO Business Intelligence

OCTOBER 31, 2023

When an application is finally ready for deployment, the last thing the development team wants to hear is: “Stop! And then, after months of painstaking work, their application launch is delayed even further. This pipeline helps move products to market faster and create a standardized process for application deployment.

Security

Security Development How To SDLC

When least privilege is the most important thing

CIO Business Intelligence

NOVEMBER 2, 2023

In the ever-evolving realm of information security, the principle of Least Privilege stands out as the cornerstone of safeguarding sensitive data. However, this fundamental concept, emphasizing limited access to resources and information, has been progressively overlooked, placing our digital ecosystems at greater risk.

Backup

Backup Information Security Security Cloud

How to make your developer organization more efficient

CIO Business Intelligence

SEPTEMBER 1, 2023

Developers are hired for their coding skills, but often spend too much time on information-finding, setup tasks, and manual processes. If there’s a code structure that has to be reused every time you’re creating an application, that structure can be standardized as a template,” said Stoyko. The result?

Development

Development How To SDLC Engineering

The hidden cost of insecure code: More than just data breaches

CIO Business Intelligence

AUGUST 26, 2024

In this worst-case scenario, a business immediately faces a lengthy list of clear-cut recovery expenses: Breach investigation: To understand the full scope of the compromise, you’ll need to launch a thorough forensic investigation spanning storage systems, networks, application code, etc. Lost productivity and frustration ensue.

Data

Data Engineering Security SDLC

What CEOs really need from today’s CIOs

CIO Business Intelligence

AUGUST 3, 2022

But don’t attempt to create a modern software development lifecycle (SDLC) on an industrial era infrastructure. The target architecture of the data economy is platform-based , cloud-enabled, uses APIs to connect to an external ecosystem, and breaks down monolithic applications into microservices.

Architecture

Architecture Cloud Software Software

What Executives Should Know About Shift-Left Security

CIO Business Intelligence

FEBRUARY 24, 2023

By Zachary Malone, SE Academy Manager at Palo Alto Networks The term “shift left” is a reference to the Software Development Lifecycle (SDLC) that describes the phases of the process developers follow to create an application. Shifting security left in your SDLC program is a priority that executives should be giving their focus to.

Security

Security SDLC Applications Development

Lord of the Metrics

A CIO's Voice

OCTOBER 18, 2010

As a department, IT should be vigilant at applying information processing capabilities that benefit the business. Operate and support the business applications that process information. Operate and support the business applications that process information. Application performance – average availability.

SDLC

SDLC WAN Budget Trends

5 Ways to Prevent Secret Sprawl

SecureWorld News

AUGUST 30, 2021

In the software development life cycle (SDLC), 85% of leaking secrets come from developers sharing information on public personal accounts. This goes to show just how important it is to have the proper training, procedures, and tools in place when it comes to combatting secret sprawl and leaks in your SDLC.

SDLC

SDLC Software Development Software Software

Phishing Email Subject Lines that End-Users Find Irresistible

SecureWorld News

JULY 7, 2020

We sought out to determine how important DevSecOps is within the Software Development Life Cycle (SDLC), the importance of Audits within DevSecOps and the overall impact DevSecOps is having on enterprises. How important is DevSecOps in the SDLC? For more information on the survey results download our Survey Whitepaper.

SDLC

SDLC Survey Software Development Security

Measuring CIO Performance

A CIO's Voice

NOVEMBER 2, 2010

Application Management. Application Management. Various business critical applications. GOAL – Application is the latest version. Application development to support business goals. GOAL – Maintain adequate budget information. Leadership and Management: Strategic Leadership. People Management.

Training

Training Budget Meeting Policies

How Fuzzing Redefines Application Security

ForAllSecure

JULY 8, 2021

The application security testing market is highly fragmented. From SAST to DAST to SCA to IAST to RASP, the current state of the market is a byproduct of various assertions on what is believed to be the best way to address application security testing. Mayhem, for example, is able to: Conduct binary analysis of applications (DAST).with

Applications

Applications Security Analysis SDLC

Your AST Guide for the Disenchanted: Part 6

ForAllSecure

NOVEMBER 3, 2020

Generates a bill of materials for applications and the corresponding known vulnerabilities within them. Executes uncommon and unknown attack patterns against applications and monitors for anomalous behaviors. Application State During Testing. SDLC Phase. Software Composition Analysis (SCA). Advanced Fuzz Testing (AFT).

SDLC

SDLC Applications Study Devops

Your AST Guide for the Disenchanted: Part 6

ForAllSecure

NOVEMBER 3, 2020

Generates a bill of materials for applications and the corresponding known vulnerabilities within them. Executes uncommon and unknown attack patterns against applications and monitors for anomalous behaviors. Application State During Testing. SDLC Phase. Software Composition Analysis (SCA). Advanced Fuzz Testing (AFT).

SDLC

SDLC Applications Study Devops

Your AST Guide for the Disenchanted: Part 6

ForAllSecure

NOVEMBER 3, 2020

Generates a bill of materials for applications and the corresponding known vulnerabilities within them. Executes uncommon and unknown attack patterns against applications and monitors for anomalous behaviors. Application State During Testing. SDLC Phase. Software Composition Analysis (SCA). Advanced Fuzz Testing (AFT).

SDLC

SDLC Applications Study Devops

Your AST Guide for the Disenchanted: Part 5

ForAllSecure

OCTOBER 20, 2020

They solve intricate problems by writing applications. Many R&D teams have come to this realization and have armed their developers with static application security testing (SAST) tools that promise to teach their developers to build security into their code. Writing code and writing secure code require two separate skill sets.

SDLC

SDLC Applications Security Development

Your AST Guide for the Disenchanted: Part 5

ForAllSecure

OCTOBER 20, 2020

They solve intricate problems by writing applications. Many R&D teams have come to this realization and have armed their developers with static application security testing (SAST) tools that promise to teach their developers to build security into their code. Writing code and writing secure code require two separate skill sets.

SDLC

SDLC Applications Security Study

Your AST Guide for the Disenchanted: Part 5

ForAllSecure

OCTOBER 20, 2020

They solve intricate problems by writing applications. Many R&D teams have come to this realization and have armed their developers with static application security testing (SAST) tools that promise to teach their developers to build security into their code. Writing code and writing secure code require two separate skill sets.

SDLC

SDLC Applications Security Study

Safeguarding Ethical Development in ChatGPT and Other LLMs

SecureWorld News

AUGUST 7, 2023

This subtle but insidious form of attack can lead to the theft of data, IP (Intellectual Property), funds, and dissemination of false information, all of which compromise the credibility of the technology and erodes user trust. Why should AI get a pass on S (Secure) SDLC methodologies? I firmly believe they can.

Development

Development SDLC Security Tools

Cognitive on Cloud

Cloud Musings

DECEMBER 19, 2016

DeepMind can “remember” using this external memory and use it to understand new information and perform tasks beyond what it was programmed to do. The brain-like abilities of DeepMind mean that analysts can rely on commands and information, which the program can compare with past data queries and respond to without constant oversight. ·

Cloud

Cloud IBM SDLC Analysis

Why Fuzz Testing Is Indispensable: Billy Rios

ForAllSecure

SEPTEMBER 2, 2021

I recently spoke to Gartner on the addition of fuzz testing to their Critical Capabilities for the Application Security Testing Magic Quadrant. When organizations choose to implement fuzzing in the SDLC, they’re coming in with a different level of commitment. They’re just too valuable. This is key.

SDLC

SDLC Programming Applications Security

Your AST Guide for the Disenchanted: Part 4

ForAllSecure

OCTOBER 6, 2020

Developing applications works the same way. With the exponential speed at which applications are proliferating into every aspect of our lives, it comes as no surprise that developers often write code to assemble them. The challenge in securing third-party applications and code. Application State During Testing.

SDLC

SDLC Analysis Open Source Applications

Your AST Guide for the Disenchanted: Part 4

ForAllSecure

OCTOBER 6, 2020

Developing applications works the same way. With the exponential speed at which applications are proliferating into every aspect of our lives, it comes as no surprise that developers often write code to assemble them. The challenge in securing third-party applications and code. Application State During Testing.

SDLC

SDLC Analysis Open Source Applications

Your AST Guide for the Disenchanted: Part 4

ForAllSecure

SEPTEMBER 25, 2020

Developing applications works the same way. With the exponential speed at which applications are proliferating into every aspect of our lives, it comes as no surprise that developers often write code to assemble them. The challenge in securing third-party applications and code. Application State During Testing.

SDLC

SDLC Analysis Open Source Applications

10 Stages of the software development lifecycle for startups

Dataconomy

APRIL 5, 2024

In addition, UX/UI designers can create frames and prototypes that show how the application’s user interface will respond to interaction, thereby determining the feasibility of the prototype functionality before moving on to implementation. Developers need to decide what they will use to develop the application. Image credit ) 4.

Software Development

Software Development Software Software Development

No Scrum Master? No Problem - Social, Agile, and Transformation

Social, Agile and Transformation

NOVEMBER 3, 2009

Then, in a subsequent session on Redefining Application Development with Offshore Agile, Greg Reiser presented several organizational models for offshore agile development. 3) Think through how best to assign these responsibilities based on the talents of your team members and the structure by which you implement the SDLC. Guess what!

SCRUM

SCRUM Agile Social Project Management

Securing Your APIs

ForAllSecure

OCTOBER 27, 2021

It’s safe to say that APIs are now a critical part of modern application architectures today. In the age of SaaS applications and infrastructure, many architectures are designed around being API-first for managing data ingestion and retrieval. Through our GitHub app, developers can identify repositories as applications to fuzz.

Security

Security Authentication Applications SDLC

FuzzCon 2021 Addresses Ease-of-Use in Fuzz Testing

ForAllSecure

SEPTEMBER 9, 2021

It truly is the future of application security. The advent of CI/CD, DevOps, and Digital Transformation has rendered application security testing 1.0 These tools base their checkers and test cases on already known information -- CWEs and/or CVEs. There is a big difference between data, which is just data, and actual information.

SDLC

SDLC Security Applications Analysis

Good, Fast, Cheap: Can CIOs Have them All

Future of CIO

DECEMBER 20, 2012

Holiday season actually stimulates creativity, and spurs optimism; from one of IT performance debates: “good cheap, fast for enterprise application development, which two should CIO pick?”,--many commentators set positive tunes and think it possible to have them all. Let vendors compete hard to get the contract.

SDLC

SDLC Agile Architecture Applications

The Evolution of Security Testing

ForAllSecure

JULY 27, 2021

Based on these numbers, the average SAST tool is likely to find only 14 percent of the vulnerabilities in an application’s code. This has given rise to the application security space. It then becomes a question of code coverage - is your application security solution providing protect your organization?

Security

Security Applications Development SDLC

A Guide To Automated Continuous Security Testing

ForAllSecure

JULY 13, 2021

The acceleration of application development has shown no sign of stopping. Increasingly complex applications are calling for the need to anticipate, detect, and respond to new threats. As a result, we’re seeing increasingly complex, interconnected software. Evolution of Development. This is a problem. million worldwide.

Security

Security SDLC Software Software

Key Takeaways From ForAllSecure's, “Achieving Development Speed And Code Quality With Behavior Testing” Webinar

ForAllSecure

AUGUST 21, 2019

They solve intricate problems by writing applications. Many R&D teams have come to this realization and have armed their developers with static application security testing (SAST) tools. Because SAST is conducted on applications while they’re in a non-running state, it can only blindly apply coding best practices.

Development

Development Security Devops Applications

Breaking Down the Product Benefits

ForAllSecure

JANUARY 21, 2021

Ownership over application test suites is a driving purchasing requirement for some organizations, especially for those who are maturing their application security processes. These test suites are not custom to your application. They automate testing to the same areas of code, centralizing defects throughout an application.

Open Source

Open Source Licensing Applications SDLC

Breaking Down the Product Benefits

ForAllSecure

JANUARY 21, 2021

Ownership over application test suites is a driving purchasing requirement for some organizations, especially for those who are maturing their application security processes. These test suites are not custom to your application. They automate testing to the same areas of code, centralizing defects throughout an application.

Open Source

Open Source Licensing Analysis Applications

Three Aspects of Enterprise Architecture Governance

Future of CIO

OCTOBER 26, 2013

It would direct and guide information technology decisions (selection of technologies, use or reuse of functionality, models, and frameworks for analysis and decision making within IT, etc) 2. So it's about the interrelation of all objects which are part of all (other) sub-architectures. The same relations are between EAG and EA Frameworks.

Architecture

Architecture Government Enterprise Enterprise

The CyberWire Daily Podcast EP. 389 With Guest Speaker David Brumley

ForAllSecure

AUGUST 14, 2019

Colleges and universities are experiencing ERP issues and a minor wave of bogus student applications. The cloud may help development and application teams move fast, but for security teams already dealing with alert fatigue, tool sprawl and legacy workflows, cloud adoption means a lot more stress. Equifax receives its judgment.

Security

Security Applications Development Financial

Key Takeaways From ForAllSecure's, “Achieving Development Speed And Code Quality With Behavior Testing” Webinar

ForAllSecure

AUGUST 21, 2019

They solve intricate problems by writing applications. Many R&D teams have come to this realization and have armed their developers with static application security testing (SAST) tools. Because SAST is conducted on applications while they’re in a non-running state, it can only blindly apply coding best practices.

Development

Development Security Devops Applications

KEY TAKEAWAYS FROM FORALLSECURE’S, “ACHIEVING DEVELOPMENT SPEED AND CODE QUALITY WITH NEXT-GENERATION FUZZING” WEBINAR

ForAllSecure

AUGUST 21, 2019

They solve intricate problems by writing applications. Many R&D teams have come to this realization and have armed their developers with static application security testing (SAST) tools. Because SAST is conducted on applications while they’re in a non-running state, it can only blindly apply coding best practices.

Development

Development Security Devops Applications

The CyberWire Daily Podcast EP. 389 With Guest Speaker David Brumley

ForAllSecure

AUGUST 14, 2019

Colleges and universities are experiencing ERP issues and a minor wave of bogus student applications. The cloud may help development and application teams move fast, but for security teams already dealing with alert fatigue, tool sprawl and legacy workflows, cloud adoption means a lot more stress. Equifax receives its judgment.

Security

Security Applications Development Financial

THE CYBERWIRE DAILY PODCAST EP. 389 WITH GUEST SPEAKER DAVID BRUMLEY

ForAllSecure

AUGUST 14, 2019

Colleges and universities are experiencing ERP issues and a minor wave of bogus student applications. The cloud may help development and application teams move fast, but for security teams already dealing with alert fatigue, tool sprawl and legacy workflows, cloud adoption means a lot more stress. Equifax receives its judgment.

Security

Security Applications Development Financial

The Hacker Mind Podcast: Hacking With Light And Sound

ForAllSecure

SEPTEMBER 29, 2020

This is all about trying to prevent these secondary channels of an adversary injecting false information into sensor. And so there's often an application of responsibility for certain things. And how exactly do you transduce information? You can almost think of it like an acoustic sleight of hand. So it depends.

Research

Research Engineering Examples System

Reimagine application modernisation with the power of generative AI

7 types of tech debt that could cripple your business

Webinars

Trending Sources

Jeremiah Grossman: Focus on ransomware, SDLC, and endpoints

Webinars

Beyond DevSecOps: Why fintech companies need to consider DevSecRegOps

Scaling security: How to build security into the entire development pipeline

When least privilege is the most important thing

How to make your developer organization more efficient

The hidden cost of insecure code: More than just data breaches

What CEOs really need from today’s CIOs

What Executives Should Know About Shift-Left Security

Lord of the Metrics

5 Ways to Prevent Secret Sprawl

Phishing Email Subject Lines that End-Users Find Irresistible

Measuring CIO Performance

How Fuzzing Redefines Application Security

Your AST Guide for the Disenchanted: Part 6

Your AST Guide for the Disenchanted: Part 6

Your AST Guide for the Disenchanted: Part 6

Your AST Guide for the Disenchanted: Part 5

Your AST Guide for the Disenchanted: Part 5

Your AST Guide for the Disenchanted: Part 5

Safeguarding Ethical Development in ChatGPT and Other LLMs

Cognitive on Cloud

Why Fuzz Testing Is Indispensable: Billy Rios

Your AST Guide for the Disenchanted: Part 4

Your AST Guide for the Disenchanted: Part 4

Your AST Guide for the Disenchanted: Part 4

10 Stages of the software development lifecycle for startups

No Scrum Master? No Problem - Social, Agile, and Transformation

Securing Your APIs

FuzzCon 2021 Addresses Ease-of-Use in Fuzz Testing

Good, Fast, Cheap: Can CIOs Have them All

The Evolution of Security Testing

A Guide To Automated Continuous Security Testing

Key Takeaways From ForAllSecure's, “Achieving Development Speed And Code Quality With Behavior Testing” Webinar

Breaking Down the Product Benefits

Breaking Down the Product Benefits

Three Aspects of Enterprise Architecture Governance

The CyberWire Daily Podcast EP. 389 With Guest Speaker David Brumley

Key Takeaways From ForAllSecure's, “Achieving Development Speed And Code Quality With Behavior Testing” Webinar

KEY TAKEAWAYS FROM FORALLSECURE’S, “ACHIEVING DEVELOPMENT SPEED AND CODE QUALITY WITH NEXT-GENERATION FUZZING” WEBINAR

The CyberWire Daily Podcast EP. 389 With Guest Speaker David Brumley

THE CYBERWIRE DAILY PODCAST EP. 389 WITH GUEST SPEAKER DAVID BRUMLEY

The Hacker Mind Podcast: Hacking With Light And Sound

Stay Connected