White Papers

In the past, the CI/CD pipelines were simply a place to integrate code. Developers would write their code in GitHub, pass it through the pipeline, and then deploy it. However, with the emergence of shift left security and newer automation practices, the pipeline has become a much more critical piece of the software delivery lifecycle.

“The delivery of the software through the pipeline also has to be secure and compliant,” said Tim Johnson, Product Manager at DevOps solutions company CloudBees. “As well as what it is doing beyond just the simple CI aspect of it. So now you get into things like security and testing automation, software composition analysis, static analysis, dynamic analysis, and all other things that need to be done to get that software through.”

In this solutions guide, you will learn specifics about:

  • How shift left security is changing the pipeline
  • Why Gartner says security in the CI/CD pipeline needs to be an end-to-end process
  • The need for automation – why is it essential to ensure your entire organization is on-board!
  • A guide to CI/CD tools
  • And more!

Download it today!

White Papers

Defining a plan to improve developer security maturity is no easy task when you still have compliance requirements and release deadlines to meet. But it is a worthy one that will pay dividends in improved productivity and reduced risk.

In this guide, we explore the lessons learned from three real-life Secure Code Warrior customers so you can start to assemble a secure code training blueprint for your organization.


  • What challenges do organizations face at different stages of developer security maturity?
  • Who are the stakeholders involved?
  • What are the key lessons learned along the way



Modern development strategies employ different tactics to deliver code more quickly, from agile planning to cross-functional teams to ‘shift left’. Unit testing has an important role to play, accelerating cycle times by detecting regressions at the earliest possible stage. Since testing remains a significant bottleneck in most CI pipelines, the gains can be significant.

But the effort of writing and maintaining tests can offset the benefits: it’s not unusual for Java developers to spend up to 50% of their time working on unit tests instead of on value-adding code changes.  And that still might not be enough to get good code coverage!

That’s why modern Java pipelines include integrated, AI-assisted coding that removes the effort from unit testing and accelerates development.

Join this webinar to learn:

  • Why unit testing is such a powerful aid to faster development
  • How AI can solve the problem of unit test writing
  • How Diffblue Cover accelerates Java development
  • About integrating automated unit test writing into your Java CI pipeline



Declarative pipelines provide a more modern, opinionated approach to pipeline creation and management. But what are they really? What benefit do they bring to your CI/CD processes?

Our three expert panelists discussed:

  • What declarative pipelines are and how they are used
  • Where they are most useful
  • Best practices around creating declarative pipelines in Jenkins

Watch the webinar on demand any time!



As the need for code to be deployed faster grows every year. Code scanning has become a great part of the developer role. As such, Dev teams need a simple-to-integrate security tool that allows them to secure code quickly and accurately without disrupting their workflow.

That is why Contrast is proud to introduce its new free developer security tool: CodeSec by Contrast, that brings the fastest and most accurate scanner in the market right to developers at no cost. Providing actionable remediation guidance, CodeSec enables developers to start securing code in LESS THAN 5 MINUTES!

In this webinar, we covered how CodeSec by Contrast is able to help developers secure code by showcasing:

  • An introduction to CodeSec by Contrast Security
  • The benefits of CodeSec
  • Demonstrate how Developers can get started
  • Showcase how Devs can scan both files & serverless environments for free



Spring Boot is a common framework for building Spring-based applications. But all frameworks have their risks, and Spring Boot is no exception. Recently, zero day vulnerabilities in the Spring Framework and Spring Boot have created increased demand for security for Spring Boot.

For example, Spring Boot was recently impacted by the SpringShell vulnerability that affected the data binding mechanism and made many applications vulnerable.

Watch this webinar at any time to learn how you can use PreEmptive Dash0 to ensure confidence in the security of your Spring Boot applications.

White Papers

Each year, attacks on mobile applications steadily increase. The costs to businesses in terms of lost customers, compensation, reputation damage, and regulatory fines make lax mobile app security a significant risk factor. Ensuring effective mobile app security, however, presents a major challenge for many organizations.

Download this mobile app security guide to learn:

  • Why mobile app security important
  • Mobile app security risks and threats
  • OWASP Mobile Top 10 vulnerabilities
  • Top mobile app security best practices

White Papers

Building security maturity in development teams can be approached in stages. Based on Secure Code Warrior’s experience with 400+ organizations, we’ve identified the common practices and traits in three different stages of security maturity – defining, adopting, and scaling.

How security-savvy are your development teams?

White Papers

By assessing and understanding a development team’s security maturity, organizations can formulate a plan, with the right stakeholders, process, and technology to build and support the necessary skills and capabilities.

This whitepaper explores:

  • What is security maturity in development teams, and why is it important?
  • What are the different stages and characteristics of security maturity for development teams?
  • What is needed to build security maturity in development teams?



SAST is a vulnerability scanning method that identifies risks early in the CI pipeline or within the IDE. As security moves right, coverage becomes increasingly challenging by implementing security earlier in the development cycle with the use of SAST, SCA & QA  – it automatically reduces the remediation work that can arise later in the cycle.

Because half of web application vulnerabilities are critical or high-risk, this raises an important challenge for developers. Time to remediation for vulnerabilities is over 60 days. Kiuwan can prevent common vulnerabilities through a combination of SAST, SCA & QA. Watch this short webinar to learn more about Kiuwan and how their method and products reduces remediation time and accelerates critical fixes – by doing everything upfront!

White Papers

Welcome to !hooked, Guardsquare’s technical magazine featuring hands-on labs.

In this issue, the labs cover code checksumming, control flow (non-)integrity in Android applications, native library encryption, and encrypting Objective-C selectors.

Dive in, learn about the issues, and work through the solutions in these labs.

White Papers

How do you scale your testing to realize the full value of DevOps? In this session, Ethan Chung, Solutions Architect Manager at Keysight Technologies, will show how to expand testing coverage across complex applications with intelligent automation.

Watch now to learn the basics of automation right through to building sophisticated test cases that integrate with any DevOps pipeline.

« Previous PageNext Page »
HTML Snippets Powered By : XYZScripts.com

Get access to this and other exclusive articles for FREE!

There's no charge and it only takes a few seconds.

Sign up now!