Home | VerSprite Resources

Security Controls

We are passionate about helping our clients chart a course that brings security and business together.

Blog Post

Static Analysis Security Testing SAST

DevSecOps: Automating Security Testing in a CI/CD Pipeline

In this tutorial, VerSprite’s DevOps team walks you through how to automate SAST into your CI/CD pipeline

Learn more

Blog Post

Web Application Security

Companies Using VMware ESXi Are Being Targeted by Ransomware

Companies using VMware ESXi are being targeted by ransomware-as-a-service, resulting in encrypted virtual hard drives. Learn the business impact of this attack and get mitigation recommendations from VerSprite’s Threat Intelligence Group.

Learn more

software development security

Ebook

Security Controls

Integrating Security into DevOps

This guide builds on the introduction of “Security as Code”. As expected, this is the automation of security checks and gates via code and integrated into the overall DevOps process again following software engineering practices.

Learn more

Automated building, testing and deploying applications gives the consistency and velocity needed to support your customers with continuous updates. This level of automation provides an opportunity for including security best practices into the Software Development Life Cycle (SDLC).

Webinar

General Data Protection Regulation (GDPR)

How DevSecOps Efforts Are Changing How We Govern Security Controls

The rise of regulations and demand for more agile engineering practices is forcing CISOs and security programs to develop more sophisticated ways to adhere to security requirements from regulations, internal governance, and clients.

Learn more

Managing Cloud Infrastructure Cloud Security Risk

Ebook

Continuous Integration & Continuous Delivery (CI/CD)

VerSprite’s Guide to Managing Cloud Security Risk

Use of public cloud infrastructure is now commonplace with nearly $60 billion spent annually. Of course, there are good reasons for this as Infrastructure and Platform as a Service provide several advantages over traditional in-house hosting. VerSprite shares key principles that will help you manage your cloud security risk.

Learn more

Shifting Security Left

Webinar

Shifting Security Left: Why You Shouldn’t Wait to Apply Security Controls

DevSecOps efforts are changing how we govern security controls via greater automation tools that are readily available to leverage. Watch this webinar to discover how to “shift left” in terms of implementing critical security controls during the pre-implementation phases of the Software Development Life Cycle (SDLC).

Learn more

Risk-Based Threat Modeling

Blog Post

Process for Attack Simulation & Threat Analysis

Threat Models as Blueprints for Threat Intelligence, Threat Data

At this point, Organizational Threat Models are not something that snap on as a plugin to a SIEM or threat intel subscription feed, but something that can be instead used to train SOC analysts on how to think in the trenches when triaging security events and incidents.

Learn more

Infrastructure as Code

Blog Post

Web Application Security

How to Approach Integrating Application Security into Your SDLC

In this blog post we will take a deeper dive into exactly how to approach integrating security into your Software Development LifeCycle (SDLC). In addition, we will delve into one available resource that provides guidance on how to get started.

Learn more

Despite being a $4.2 trillion market, the wellness industry is a relatively new aspect of healthcare that has not faced the same scrutiny regarding the storage and processing of customer data. Download our guide to view VerSprite's 10 data privacy recommendations:

Ebook

Wellness Industry: 10 Ways Data Privacy Can Increase Your Competitive Edge

Many organizations are operating in a grey area, both ethically and legally, in terms of how they are managing consumer data. What data is being collected and stored? Data privacy is more than compliance – businesses should consider marketing benefits associated with handling data in a confidential manner.

Learn more

We are an international squad of professionals working as one.

Email

[email protected]

logos