Archives for January, 2012
by Neil MacDonald | January 30, 2012 | 8 Comments
Dynamic Application Security Testing (DAST) solutions test applications from the “outside in” to detect security vulnerabilities. In contrast, Static Application Security Testing (SAST) solutions test applications from the “inside out” by looking a source code, byte code or binaries. Both approaches have their pros and cons and, until recently, the market for these tools has [...]
Category: Application Security Security Intelligence Tags: Adaptive Security Infrastucture, Application Security, application security testing tools
by Neil MacDonald | January 17, 2012 | Comments Off
DevOps seeks to bridge the development and operations divide through the establishment of a culture of trust and shared interest among individuals in these previously siloed organizations. However, this vision is incomplete without the incorporation of information security, which represents yet another silo in IT. Breakdowns in communications and processes across development, operations and security [...]
Category: Application Security Next-generation Security Infrastructure Tags: Adaptive Security Infrastucture, application security testing tools, Defense-in-Depth, DevOpsSec, Next-generation Data Center, Next-generation Security Infrastructure, Security-Summit-NA
by Neil MacDonald | January 9, 2012 | 6 Comments
I called this a “security no brainer” years ago and the advice is absolutely still relevant today. In Gartner’s latest Magic Quadrant for Dynamic Application Security Testing (DAST) solutions for clients, one of the evaluation criteria we looked at was whether or not the vulnerability knowledge of the DAST solution could be exported and used [...]
Category: Application Security Security Intelligence Tags: Application Security, application security testing tools, Best Practices, Security No-Brainer
by Neil MacDonald | January 4, 2012 | 1 Comment
We’ve just published a new Magic Quadrant for Dynamic Application Security Testing (DAST) for Gartner clients. In Gartner research, we use the term DAST to refer to testing solutions and techniques that are designed to test an application from the “outside in” to detect conditions indicative of a security vulnerability in an application in its [...]
Category: Application Security Applications Cloud Cloud Security Tags: Application Security, application security testing tools, Cloud Security
