AppSec Best Practices for 2022

View in browser

Hi there,

As we wrap up 2021, I want to share some thoughts on AppSec that have been on my mind, in addition to a roundup of our most popular blogs from 2021.

In my newest blog, "AppSec Fails And The Incredible Durability of Application Vulnerabilities", I walk through two recent examples of long-lived vulnerabilities: Confluence and Mozilla NSS. Both had critical security vulnerabilities sit in their code for 10 years or more.

What can a good AppSec program do to counteract these problems? Read the blog for some thoughts.

I hope you and your families have a restful holiday season. Thank you for following along with IronCore Labs and reading these musings.

Until next year,

Patrick Walsh
CEO, IronCore Labs

It's almost criminal how even a single flaw in an application is enough to compromise SaaS data. Learn how common architectures are failing.

Remember how that was such a big deal? This was one of our first blogs in 2021, and it hit a chord.

Use our spreadsheet to review SaaS vendors and evaluate their level of security before you buy.

Whether you say layer or level, there's a lot of confusion about ALE. So we simplified things and explained exactly what ALE means and looks like.

One of our most recent blogs, the infographic is easy to digest and helps lay out the journey to ALE.

No, you can't afford to have your customers' data leak. And you don't have to.