Resources

Links

The SANS Software Security Community provides a variety of resources. Interact with your fellow professionals and appsec experts on the SANS AppSec Blog or discover solutions to appsec related issues with a multitude of webcasts.

• Top 25 software errors
• Application Security Procurement Language
• Secure Programming Tips
• Newletters
• SDL Pro Network

Whitepapers

Adapting AppSec to a DevOps World
By Stephen Deck on Feb 20, 2018

Bug Bounty Programs: Enterprise Implementation
By Jason Pubal on Jan 17, 2018

2017 State of Application Security: Balancing Speed and Risk
By Jim Bird on Oct 24, 2017

View More

How To Guide

The SANS Developer How To Guide provides developers with simple code examples that quickly show how to prevent common security vulnerabilities.

• Cross-Site Scripting (XSS)
• How To Fix SQL Injection
• Cross-Site Request Forgery (CSRF)

Read More

Blog Posts

Continuous Opportunity - DevOps and Security
Aug 23, 2017

2017 Application Security Survey is Live!
Jun 19, 2017

Taking Control of Your Application Security
Apr 18, 2017

View More

Webcasts

NoSQL Doesn’t Make you NoVulnerable
By Johannes Ullrich on Apr 21, 2017

Mobile App Security Trends and Techniques
By Gregory Leonard on Apr 7, 2017

Struts-Shock: Current Attacks against Struts2 and How to Defend Against Them
By Johannes Ullrich and Jonathan Mandell on Apr 6, 2017

View More

Videos

Non-repudiation
By Jason Lam and Dr. Johannes Ullrich

AJAX and Web 2.0 Security
By Jason Lam and Dr. Johannes Ullrich

The Value of Code Scanning
By Dinis Cruz