TOFU Archives

Proven Approaches to Increasing Training Adoption Rates

July 28, 2016

| Blog

The Training team, at Security Compass, is constantly looking for ways to help our customers get the best rate of return on their investment with […]

Read More →

Taming the Appsec Monster

June 6, 2016

| No Comments

| Blog

Taming the appsec Monster Most organizations either have their own central security teams or rely on external security consultants for building and rolling out AppSec programs. […]

Read More →

Top 5 Benefits of Role-based Security Training for Developers

March 2, 2016

| No Comments

| Blog

Software fulfills many critical roles in business today — from generating revenue to increasing operational efficiency. Software engineering teams face growing development queues and pressure to deliver. […]

Read More →

DevOps & Software Security: Turning unplanned work into planned work

February 23, 2015

| No Comments

| Blog

Every IT worker I’ve met has heard me rave about The Phoenix Project. The book uses an all-too-realistic fictional scenario to discuss the behaviors of a […]

Read More →

Debunking Myths: Application Security Checklists Suck

February 16, 2015

| No Comments

| Blog

There is a pervasive sentiment amongst the security community about checklists: they suck. We’ve all seen inflexible audit checklists that seem to be highly irrelevant […]

Read More →

Raising the Bar on Application Security Due Diligence

February 9, 2015

| No Comments

| Blog

Suppose Acme Inc., a multi-billion dollar company, suffers a web application breach that results in loss of critical client data. Buoyed by news of legal […]

Read More →

4 Reasons Why You Should Define Software Security Requirements for Mature Applications

February 2, 2015

| No Comments

| Blog

There’s a common misconception that security requirements are only useful for net new applications. Most people think once an application has been developed, it’s too […]

Read More →

4 Reasons Why Developers Don’t Read Secure Programming Guides

January 21, 2013

| No Comments

| Blog

At Security Compass, we had the experience of building secure programming guideline documents for a number of clients. Unfortunately, we found that in many cases the […]

Read More →

Developer-centric Threat Modeling

SD Elements

eLearning

Product Info

Solutions

Industries

Training

eLearning

Services

Advisory

Research

Upcoming Events

Resources

Media

Documents

eLearning

Topics

SD ELEMENTS

SD ELEMENTS

Product Info

Solutions

Industries

eLearning

ADVISORY

RESOURCES