Library

Explore a collection of educational content from our security experts

Forward Security Recognized in BC InfoSec / CyberSec Export Capabilities Directory

We’re excited to announce our recognition in the BC Information Security and Cybersecurity Capabilities Export Directory! This directory showcases the…

Farshad on the Application Security Weekly Podcast: Lessons That The XZ Utils Backdoor Spells Out

Farshad Abasi was invited once again to speak on the Application Security Weekly Podcast, hosted by Mike Shema! In this…

Agile, DevOps, and the Threat Modeling Disconnect: Bridging the Gap with Developer Insights

In 2008, my journey into application security and threat modeling began when I joined HSBC’s Global Software Development Centre as…

Threat Modeling & Risk Assessment for Developers

Threat modeling and risk assessment is a structured approach that enables an organization to identify, quantify, and address the threats…

Farshad on the Application Security Weekly Podcast: Creating the Secure Pipeline Verification Standard

Farshad Abasi recently appeared on the Application Security Weekly Podcast where he discussed the innovative Secure Pipeline Verification Standard he’s…

Farshad Discusses CI/CD Pipelines & Emerging Threats at Developer Week 2024

As modern software development practices evolve, CI/CD pipelines have emerged as a potent, yet under-secured frontier. This has resulted in…

Forward Security Receives Clutch 2023 Awards

Forward Security Inc. is a winner for Clutch’s 2023 Cybersecurity and Penetration Testing Awards! We’re honoured to be recognized for…

Next-Level AppSec: Transforming Secure Development using Automation Platforms

As the rate of application adoption accelerates globally, teams are expected to produce software faster, and often under tight budget…

Application Attacks on the Rise

One alarming trend in the fintech industry is the sharp increase in application attacks. According to recent reports, 64% of…

Why Security Design Reviews are More Effective than Pentesting

Many companies rely on pentesting to achieve compliance and strengthen their security posture. However, pentesting alone cannot identify all of…

The Power of Threat Modeling for Application Security

Threat modeling stands as the cornerstone of modern application security, offering a strategic approach that empowers companies to safeguard their…

Reduce Cybersecurity Risks for Remote or Hybrid Work Environments

The shift to remote work has significantly impacted security threats, as organizations’ digital footprints expand and expose them to new…

How to Minimize False Positives in Automated Application Security Scans

Every time a software development team introduces new code into their Software Development Life Cycle (SDLC), it potentially opens up…

The Challenge with Using Multiple Security Scanners

Development and security teams rely on automated scanners such as SAST, SCA, DAST, and others to scan applications for bugs…

The Importance of Zero Trust in Cybersecurity

What Does Zero Trust Mean in Cybersecurity? Zero trust is a security model in cybersecurity that operates on the assumption…

The Crucial Role of Threat Modeling in Application Security

Threat modeling is a proactive approach aimed at identifying potential threat scenarios specific to your application. Following threat modeling is…

Penetration Testing Execution Standards (PTES)

It’s all too common for AppSec companies to claim they offer vulnerability assessments when in fact they are just doing…

Forward Security Celebrates 5 Years 🎂

October is special to us at Forward Security for two reasons: a) it’s Cybersecurity Month b) it’s our birthday! I…

Rethinking Application Security: Why Penetration Testing Alone Doesn’t Cut It

In our increasingly digital world, applications are the engines driving businesses, powering critical operations and service delivery. However, these applications…

Unveiling New Additions to ASVS: Advancing the Frontier of Application Security

Today, we delve into the ongoing development of the Application Security Verification Standard (ASVS). If you’re new to ASVS, it…

Library

Explore a collection of educational content from our security experts

Talk with us

Let’s stay connected

JOIN OUR NEWSLETTER