Security Compass Blog

Learn about what's happening in software development and application security.

  • How to Build Custom Red Team Testing Tools in C++

    How to Build Custom Red Team Testing Tools in C++

    A conversation with Steven Patterson about his eBook, which teaches red team testing professionals how to start building Command and Control tools in C++.

    Read Article
  • The 2021 State of DevSecOps: Challenges and Drivers

    The 2021 State of DevSecOps: Challenges and Drivers

    In our survey, we found a rising trend toward the adoption of DevSecOps over the last year. Let's find out what are the biggest drivers and challenges with its implementation.

    Read Article
  • Survey: The 2021 State of DevSecOps

    Survey: The 2021 State of DevSecOps

    Last year was challenging, but it also presented a great opportunity for organizations to address cybersecurity in scalable ways. Let's learn where security is headed in 2021.

    Read Article

  • Check Out Upcoming Events & Webinars!

    Learn More
  • Cloud versus Traditional Security: Protecting Your Data & Systems

    Cloud versus Traditional Security: Protecting Your Data & Systems

    To stay secure while embracing the cloud, your organization will need a security program that takes into account the differences between cloud and traditional security.

    Read Article
  • The Future of Cybersecurity: Five Emerging Trends

    The Future of Cybersecurity: Five Emerging Trends

    2020 upended security strategies and IT roadmaps. Our team identified five cybersecurity trends that will influence security and business priorities moving ahead.

    Read Article
  • Using Balanced Development Automation to Achieve Both Speed and Security for CMMC

    Using Balanced Development Automation to Achieve Both Speed and Security for CMMC

    CMMC is a means of unifying cybersecurity standards for the U.S. Department of Defense. Learn how you can achieve compliance with this new standard.

    Read Article
  • Responding to Ryuk: Healthcare and the Ransomware Threat

    Responding to Ryuk: Healthcare and the Ransomware Threat

    Learn how penetration testing can help healthcare providers resist attacks from Ryuk Ransomware, keep patient records secure, and provide uninterrupted care.

    Read Article
  • API Security Testing: Best Practices & Key Vulnerabilities

    API Security Testing: Best Practices & Key Vulnerabilities

    Attackers are following the trajectory of software development and have their eyes on APIs. Regularly testing the security of your APIs reduces your risk.

    Read Article
  • Vulnerability Scanners: Are These Enough for Your Applications?

    Vulnerability Scanners: Are These Enough for Your Applications?

    Security testing has increased considerably over the past decade. But are vulnerability scanners enough to ensure software security?

    Read Article
  • What to Look for in a Penetration Testing Provider

    What to Look for in a Penetration Testing Provider

    Ask these five questions to find a penetration testing provider that both satisfies your technical needs and works in harmony with your business.

    Read Article
  • SaaS Deployments: Security Checklist for Cloud Services

    SaaS Deployments: Security Checklist for Cloud Services

    Moving applications from on-premise to SaaS brings a different set of risks. First among those is the fact that users data is stored in the SaaS provider's data center.

    Read Article
  • Cybersecurity Awareness Month: 10 Tips for Better IoT Security

    Cybersecurity Awareness Month: 10 Tips for Better IoT Security

    This Cybersecurity Awareness Month, take time to consider all the devices you have online. These 10 tips will help you create or strengthen your IoT security plan.

    Read Article
  • Why Conduct a Red Team Exercise?

    Why Conduct a Red Team Exercise?

    Businesses who conduct Red Team exercises have reduced costs when a data breach occurs.

    Read Article
  • Addressing Cloud Security Risks: Build a Foundation for a Secure Future

    Addressing Cloud Security Risks: Build a Foundation for a Secure Future

    Cloud adoption has gone mainstream. Taking full advantage of the benefits takes planning, skill, and a careful weighing of cloud security risks.

    Read Article
  • Best Practices for Hybrid Cloud Security

    Best Practices for Hybrid Cloud Security

    Securing a hybrid cloud environment can be challenging, but these best practices will help businesses minimize risk while taking advantage of the benefits.

    Read Article
  • Is Zero Trust Just a Buzzword?

    Is Zero Trust Just a Buzzword?

    Zero trust essentially involves changing the approach toward securing our systems and infrastructure. Read more to learn how you can prevent data breaches with this approach.

    Read Article
  • What You Need to Know About Enterprise Penetration Testing in AWS

    What You Need to Know About Enterprise Penetration Testing in AWS

    As more organizations adopt AWS services, penetration testing is critical for designing, securing, reviewing, and improving your cloud infrastructure.

    Read Article
  • A 5G Security Overview

    A 5G Security Overview

    A detailed introduction to 5G technology and security concepts.

    Read Article
  • How Insurers Can Stay Secure While Transforming the Way They Do Business

    How Insurers Can Stay Secure While Transforming the Way They Do Business

    Digital transformation is at the heart of the changing landscape in the insurance space, however, insurers must consider the risk implications of any change.

    Read Article
  • How Secure Is Canada’s COVID Alert App? Evaluation of Android App v1.0.3

    How Secure Is Canada’s COVID Alert App? Evaluation of Android App v1.0.3

    Our consulting team performed an evaluation of the Android version of Canada’s COVID alert app to evaluate data privacy and security concerns.

    Read Article
  • loading
    Loading More...
See more