DevSecOps Approach: Using AppSec Statistics to Drive Better Outcomes
Using WhiteHat’s repository of scan data, this report reviews current trends on the use of devops related approaches and the implications these practices have upon application security results. (more available)
The DevSecOps Approach
This report is essential reading for executives, security practitioners and development teams who want to better understand the present state of software security risk, and who seek to benchmark and improve their own organization’s performance. (more available)
2018 Secure DevOps: Fact Or Fiction?
This survey, the sixth in a series of annual studies by SANS on security practices in software development, is the first to explicitly focus on DevOps. (more available)
Ironclad API's:An Approach For Application Security Testing
This paper discusses some API’s and how you can protect them from an attack.
Getting The Board On Board With Application Security
It is the intention of this paper to provide you the reader with the essential tools and language that you can use to educate your board members on the importance and necessity of Application Security. (more available)
Application Security Statistics Report 2017
This is the 12th annual WhiteHat Security Statistics Report. This year they’ve added some real metrics around DevSecOps. They’ve also added a new SAST section and a mobile security section. (more available)
Website Security Statistic Report
From the report, “Rather than provide a lengthy analysis of the data in this Stats Report in this introduction, we’ve decided instead to provide some “what this means to you” commentary at the end of the three main sections of the report; commentary that attempts to make the data relevant to Executives, Security practitioners and DevOps professionals. (more available)