kiuwan blog

Your news source for Application Security
and Software Analytics.

best-practices

4 Best Practices for Security Testing in Your SDLC
why-sast-crucial

Why SAST is Crucial for The Security of Web and Mobile Applications
top5-swift

Top 5 Security Mistakes When Developing Applications In Swift
six-predictions-(1)-SI

6 Cybersecurity Predictions for 2019 and Beyond
open-source-is-good

5 Reasons Why Open Source is Good for Your Company
thebenefits

The Benefits of a DevSecOps Approach to the SDLC
5ways

5 Ways DevSecOps is Changing the Security Lifecycle
idera

Idera, Inc. Acquires Kiuwan and Bolsters Testing Tools Business with Application Security and Code Testing Capabilities
how-to-implement-devsecops-SII

How to Implement DevSecOps with Your Team
Cybersecurity predictions for 2018 and beyond

Cybersecurity Predictions for 2018 and Beyond
Major data breaches in 2018...So far

Major Data Breaches In 2018…So Far
How much does a data breach cost?

How Much Does a Data Breach Cost?
Coolest Open Source projects for 2018

Coolest Open Source Projects for 2018
How Open Source is democratazing technology

How Open Source Is Democratizing Technology
Understanding Open Source Licensing

Understanding Open Source Licensing
How to succeed as an Open Source developer

How to Succeed as an Open Source Developer: From Education to Contributor
worst-mistakes

The Worst AppSec Mistakes
5-benefits-sast-x600

Five benefits of using Static Application Securites Testing (SAST) along with Other Security Solutions
The true cost of cybercrime for companies

The True Cost Of Cybercrime For Companies
The biggest security threats of 2018

The Biggest Security Threats of 2018
Open Source Trends of 2018: from openstack to the internet of things

Open Source Trends for 2018: From OpenStack to The Internet of Things
Democratic software: Open Source

Democratic Software: Open Source
Why Open Source? Six major advantages from a security perspective

Why Open Source? Six Major Advantages From a Security Perspective
GDPR makes appsec more imporant than ever

GDPR Makes Appsec More Important than Ever
5 top tips to improve your devsecops practices

5 Top Tips to Improve your DevSecOps Practices
Devsecops: follow the leader

DevSecOps: Follow the Leader
Why Companies Need to Know About the OWASP Application Security Verification Standard (ASVS)

Why Companies Need to Know About the OWASP Application Security Verification Standard (ASVS)
dont-get-hacked

Don’t Get Hacked: 5 Important Ways to Protect Your Company’s Assets
OWASP resources for developers

OWASP Resources for Developers
Code analysis methods

Code Analysis Methods
GDPR: General Data Protection Regulation

GDPR – General Data Protection Regulation
A comparison of the most popular Open Source licenses

A Comparison Of The Most Popular Open Source Licenses
Owasp top 10 2017 – A10 Insufficient Logging & Monitoring

Owasp top 10 2017 – A10 Insufficient Logging & Monitoring
Owasp Top 10 2017 – A8 Insecure Deserialization

Owasp Top 10 2017 – A8 Insecure Deserialization
Owasp top 10 2017 – A4 XML External Entities (XXE)

Owasp top 10 2017 – A4 XML External Entities (XXE)
continuous analysis with Kiuwan and Visual Studio Team Services (VSTS)

Continuous analysis with Kiuwan and Visual Studio Team Services (VSTS)
NIST - SAMATE

NIST – SAMATE
what-is-application-security-1-si

What is Application Security?
How Shift Left Is Implemented in DevSecOps

How Shift Left Is Implemented in DevSecOps
7 Reasons Why Incorporating DevOps is Important

7 Reasons Why Incorporating DevOps is Important
DevSecOps: Building a Culture of Responsibility for Network Security

DevSecOps: Building a Culture of Responsibility for Network Security
Application Inventory Management

Application Inventory Management
static-analysis-automated-tests (1)

Static Analysis in Automated Software Quality Tests
Why Automated Code Reviews Need to Include Security Audits

Why Automated Code Reviews Need to Include Security Audits
gain-full-control

Gain full control of open source components
Security standards in software development

Security standards in software development
application-sec-in-devops-SI

Application Security in Devops
kiuwan-tfs

Continuous analysis with Team Foundation Server (TFS) 2017
A9

OWASP Top 10 2017 – A9 Using Components with Known Vulnerabilities
OWASP A3 Sensitive Data Exposure

OWASP Top 10 2017 – A3 Sensitive Data Exposure: Identify Your Weaknesses
kiuwanteamcity-2

Continuous analysis with JetBrains TeamCity
OWASP TOP 10 2017- A6 security Misconfiguration

OWASP Top 10 2017 – A6 Security Misconfiguration
OWASP TOP 10 2017- Broken access control

OWASP Top 10 2017 – A5 Broken Access Control
OWASP TOP 10 2017- A7 Cross-site Scripting (XSS)

OWASP Top 10 2017 – A7 Cross-site Scripting (XSS)
OWASP TOP 10 2017- A2 Broken Authentication

OWASP Top 10 2017 – A2 Broken Authentication
Captura

Lechazo Conf 2017
CWE Common Weakness Enumeration

CWE Common Weakness Enumeration
OWASP TOP 10 2017- A1 Injection

OWASP Top 10 2017 – A1 Injection
Owasp Benchmark

OWASP Benchmark DIY
The OWASP Benchmark & Kiuwan

The OWASP Benchmark & Kiuwan
Kiuwan indicators: security and quality indicators in Kiuwan: a practical guide

Kiuwan Indicators
Application Security — Why Businesses Need Application Security

Application Security — Why Businesses Need Application Security
How to control Kiuwan Local Analyzer execution in Continuous Integration

How to control Kiuwan Local Analyzer execution in Continuous Integration
sql-injection-avoid

SQL Injection and How to Avoid It
Suppress false positives in your code analysis

Suppress false positives in your code analysis
Pentesting: What it is and how it works

Pentesting: What it is and how it works
Jenkins integration with Kiuwan Code Analysis

Jenkins integration with Kiuwan Code Analysis
Python code analysis with Kiuwan

Python code analysis with Kiuwan
Integrate Kiuwan static test services with IBM Bluemix DevOps Services

Integrate Kiuwan static test services with IBM Bluemix DevOps Services
ruby

Ruby goes to Kiuwan
inspection

Continuous Inspection with Team Foundation Server
bad-guys

Bad guys love REST
14-tips-for-angular-si

14 tips for developing AngularJS applications
Code Analysis of Twitter’s DistributedLog

Code Analysis of Twitter’s DistributedLog
OWASP Top 10: how to discover vulnerabilities in your Java applications

OWASP Top 10: how to discover vulnerabilities in your Java applications
Analyzing C and C++

Analyzing C and C++
perform-k-analysis-abap-SI

Perform Kiuwan analysis in your ABAP Development Life Cycle
OWASP Top 10: how to discover vulnerabilities in your C# applications

OWASP Top 10: how to discover vulnerabilities in your C# applications
SAP Code Quality & Security Vulnerabilities detection

SAP Code Quality & Security Vulnerabilities detection
Avoid duplicated code with clone detector

Avoid duplicated code with clone detector
CIOs vs Technical Debt: A burden for innovation

CIOs vs Technical Debt: A burden for innovation
sap-abab-continuous-analysis

Security in business-oriented languages: ABAP
cobol-security-business-oriented-600

Security in business-oriented languages: COBOL and RPG
scratch

How to create new zero-code Kiuwan rules
Analyzing C and C++

C/C++ analysis with Kiuwan, part II
Rules development (II): basis for implementation

Rules development for Kiuwan (V): Query API
sap-abab-continuous-analysis

ABAP: continuous analysis with Kiuwan
Rules development (IV): Basic API – navigating through the AST

Rules development (IV): Basic API – navigating through the AST
How to configure Kiuwan authentication with your own LDAP service

How to configure Kiuwan authentication with your own LDAP service
Rules development (III): debugging custom rules

Rules development (III): debugging custom rules
Rules development (II): basis for implementation

Rules development (II): basis for implementation
Rules development for KIUWAN (I): Where do we start?

Rules development for KIUWAN (I): Where do we start?
Perform Kiuwan analysis in your ABAP Development Life Cycle

Static analysis for ABAP