Software Security's Journey to the Mainstream
Get the Easy Wins, Don’t Hide From the Hard Ones
The Next Evolution of Browser-Based Penetration Testing Kits: OWASP PTK
How to Avoid the AppSec Staffing Crisis in 2023
Resourcefulness as Recourse - Curbing the Weighty Cost of AppSec
The Hot Mess That Is Cybersecurity Staffing
Modern AppSec Means Doing More with Less
Choosing is Confusing: AppSec Tool Maze
Don't wade in alone, AppSec waters are perilous!
A Shortcut to Failure
A Better Vulnerability Mousetrap
Modern AppSec Survival Guide: 5 Tips for Program Success
False Positives VS. False Negatives in Application Security
Risk-based AppSec, But How?
Russia, Cyberattacks, SMBs, and Startups, and You
AppSec Shared Security Model: It Really Is Everyone’s Responsibility
Must See: OWASP PTK Powered Pen Testing
Out of Band Learnings from Log4Shell: Asset Management and Open Source Community Support.
Semgrep: Enabling Just in Time Static Analysis
PracticalAppSec: Secure Design Hits the Big Time