Gartner Blog Network

Tag: 'application-security' Blog Posts

Gartner's First Ever Web App Firewall Magic Quadrant Just Published

by Adam Hils  |  June 17, 2014

Color me excited. Jeremy D'Hoinne, with co-authors Greg Young, Joseph Feiman (and me), has just put out Gartner's first MQ for WAF. It was a gargantuan effort to describe a...

Comments: 4

Creating an Appetizing and Healthy Application Security Diet

by Ramon Krikken  |  July 2, 2012

In the recent month I've done both a Security Summit talk and a webinar about application security. The gist of the presentations - at least what I wanted customers to...

Encryption Won't Always Save You, but it Certainly Will Cost You

by Ramon Krikken  |  June 20, 2012

I have encryption on my mind again a lot lately. It certainly has something to do with work in progress for presentations I'm giving at our Catalyst 2012 conference ("Protecting...

Comments: 1

Getting Ready for Gartner’s 2012 Infrastructure & Operations and Information Security Summits

by Neil MacDonald  |  May 21, 2012

I’ve been absent from my typical blogging routine getting my material finalized for two Gartner upcoming US-based summits in June 2012. The first is Gartner’s Infrastructure and Operations Management Summit...

The "Application Layer" - an Important Matter of Perspective

by Ramon Krikken  |  April 25, 2012

Security at the application-layer is getting ever more attention due to the large number of vulnerabilities that keep popping up in off-the-shelf and home-built software (although, in my opinion, it...

What is the Right Level of Developer Security Training?

by Ramon Krikken  |  April 19, 2012

We're always working on updating our software security / application security coverage, and the time has come to spend a few months on gathering new information for the application security...

More on Application Security Monitoring

by Anton Chuvakin  |  March 15, 2012

As I mentioned in “Many Faces of Application Security Monitoring,” the industry has not yet figured out what application security monitoring (ASM) is yet. For that reason, a lot of...

Comments: 3

Intrusion Prevention Systems? We Need Intrusion Resilient Systems

by Neil MacDonald  |  February 3, 2012

I’ve blogged before about advanced threats that easily bypass our traditional protection mechanisms and reside undetected for extended periods of time on our systems. On one of the panels I...

Comments: 1

Many Faces of Application Security Monitoring

by Anton Chuvakin  |  February 2, 2012

Everybody knows what “network security monitoring” actually is (even if not everybody is DOING it…). There is a whole book on the subject. In addition, there is a shared understanding...

Comments: 20

Interactive Application Security Testing

by Neil MacDonald  |  January 30, 2012

Dynamic Application Security Testing (DAST) solutions test applications from the “outside in” to detect security vulnerabilities. In contrast, Static Application Security Testing (SAST) solutions test applications from the “inside out”...

Comments: 8