Any modern company that develops software solutions has to follow secure-by-design and application security concepts. It’s imperative to do it right from the beginning, preferably aligning the SDLC process with one of the security frameworks and verifying that the product being developed doesn’t include known weaknesses or vulnerabilities. Application security is a perfect example of an area where cybersecurity has to be done side by side with the project’s advancement. We believe that we all have the same end goal: releasing functional and secure products. The main question is how to add security seamlessly and as early as possible without impacting our release speed. While preparing for our third season, we came up with several questions that we will ask our guest vendors during the season and that we would like to share with our audience.
When we are looking to introduce AppSec as part of the SDLC process, we should know and understand the following terms and abbreviations, which belong in our glossary: SAST, SCA, VA, DAST, IAST, RASP, and SBOM.