I recently wrote an article for Signal Sciences discussing the top 5 application security defense needs in the modern era. It’s very DevOps in nature. You can see the full article in all of its original glory here: Top 5 AppSec Defense needs in the Modern Era
In the article, I covered what I thought were the most critical things needed for a plausible application security program in the modern era:
- OWASP Top Ten coverage is a must-have and is expected
- Have Defense against Bots and Scrapers
- Do Business Logic monitoring
- Achieve Operational Insight through Visualizations and Dashboards
- Distribute security information where people naturally are, a la ChatOps