How legacy app sec is holding back Secure by Design

After years of headline-popping software supply chain–related breaches — think SolarWinds, Log4j, 3CX, and MOVEit — software security advocates agree that organizations have to change the way they tackle app sec.

The overriding consensus from the experts is that software producers need better software development practices, such as following Secure by Design, which was proposed in April by the federal Cybersecurity and Infrastructure Security Agency (CISA). The idea of Secure by Design is relatively simple in …

3cx advocates app app sec back breaches change design development experts legacy log4j moveit organizations practices sec security software software development software security software supply chain solarwinds supply supply chain