kiuwan blog

Kiuwan Blog

Your News Source for Application Security & Related Topics.

Why is security IOT's biggest concern blog banner

Why is Security IoT’s Biggest Concern?
Scanning code for vulnerabilities banner

Scanning Code for Vulnerabilities: One-at-a-time or Continuous?
Release announcement banner with computer and parachute

Release Announcement – May 12, 2020
,
A man cannot access his laptop because he forgot his password

How to Teach Your Team to Make Secure, Memorable, and Unique Passwords Every Time
Analyze your Assembla repository with Kiuwan

Automatically Scan your Assembla Repository with Kiuwan Code Security
,
KI-Secure-Blockchain-FB

7 Tips on Secure Blockchain: What You Need to Know.
A man pays with credit card on a pc while buying online

8 Tips on Keeping Safe When Buying Online
Banner for Understanding and Managing Open-Source Risks

Understanding and Managing Open-Source Risks
Banner for Timeline of Breaches in 2019

A Timeline of Major Data Breaches in 2019
Is Cross-Site Scripting still a thing banner

Is Cross-Site Scripting Still a Thing?
Surprises about how artificial intelligence affects cybersecurity banner

3 Surprises About How Artificial Intelligence Affects Cybersecurity
Kiuwan is a high performer in the g2 grid

Kiuwan a High Performer in the G2 Grid
,
Banner for Kiuwan On Premises Distributed Version announcement with picture of padlock on laptop

Announcing the Release of Kiuwan On-Premises Distributed Version
,
Banner for OWASP top 10 mobile blog post with an image of a phone and a fishing hook.

OWASP Top 10 for Mobile: All You Need to Know
Ransomware protection banner with umbrellas protecting from bugs

Ransomware Attack Prevention: Protecting Against 8 Common Attacks
Release announcement banner with computer and parachute

Release Announcement – March 5, 2020
,
Banner for blog post on Using Threat Intelligence to Boost Your Organization’s Security Posture

Using Threat Intelligence to Boost Your Organization’s Security Posture
A woman looks at twitter feed

10 AppSec Twitter Accounts to Follow
Release announcement banner with computer and parachute

Release Announcement – February 13, 2020
,
banner for difference between Kiuwan local analyzer and the IDE plugin

Kiuwan Local Analyzer or IDE Plug-In: What’s the Difference?
banner promoting Go as new supported language

Announcing Support for Go
,
Programming language trends banner with pac man imagery

Programming Language Trends In 2020
Four padlocks with SAST, IAST, DAST and SCA written on them

DAST, SAST, IAST and SCA: Which security technology is best for me?
a figure representing hybrid wins over a figure representing cloud

Food for Thought: On-premises Goes Hybrid
hands placed on a laptop with browser icons displayed

Announcement: End of Support for TLS 1.0 and 1.1.
a hacker programs in a dark room on webapps

The Cyberthief’s New Best Friend: Web Apps

Why Hackers Attack – The Motives Behind Attackers

Cybersecurity Predictions for 2020
breach-600

Communicating with Customers in the Event of a Breach
A padlock protects a computer with WASC compliance

WASC Compliance: Guarantee App Security
Hand with stetoscopes checks for hipaa compliance in the code

HIPAA Compliance for Secure Health Software
expensive-security-breaches

The Top 10 Most Expensive Security Breaches
holes-hide

The Favorite Places For Security Holes To Hide
Owasp Benchmark

DIY: Generate OWASP Benchmark Results for Kiuwan Code Security
sans-top-25

SANS Institute Top 25 Software Errors
CERT Compliance: Provide Security For Your C Applications

CERT Compliance: Provide Security For Your C Applications
Guarantee ISO Compliance With DevSecOps Processes

Guarantee ISO Compliance With DevSecOps Processes
standardspost1

Security Standards in Software Development
misra

MISRA: Software Development Guidelines For The C Programming Language
continuous integration

Continuous Integration In a Nutshell
owasptop10-10

OWASP Top 10 2017 – A10 Insufficient Logging & Monitoring
owasptop10-8

OWASP Top 10 2017 – A8 Insecure Deserialization
PCI DSS: All you need to know about it

PCI DSS: All you need to know about it
a5

OWASP Top 10 2017 – A5 Broken Access Control
Cobol and RPG: Cobol and RPG: Security in business-oriented languages

Cobol and RPG: Security in business-oriented languages
SOAR: Security Orchestration Automation Response

SOAR: The Future of IT Security

C# OWASP Top 10: How to Discover Vulnerabilities in a C# Web Application
Black Hat USA 2019

Looking Ahead to Black Hat USA 2019
owasp-java

OWASP Top 10: How to Find Vulnerabilities in Your Java Applications
Bad Guys Love Rest: REpresentational State Transfer

Bad guys love REST
10 Common Software Security Weaknesses

10 Common Software Security Weaknesses
open source license comparsion

Open Source Licenses: A Comparison Of The Most Popular Types
800 (1)

Cybersecurity Trends in 2019
5stepssast-600x338

5 Steps to Integrate SAST in Your DevSecOps Process
best-practices

4 Best Practices for Security Testing in Your SDLC
why-sast-crucial

Why SAST is Crucial for The Security of Web and Mobile Applications
top5-swift

Top 5 Security Mistakes When Developing Applications In Swift
six-predictions-(1)-SI

6 Cybersecurity Predictions for 2019 and Beyond
Test2

5 Reasons Why Open Source is Good for Your Company
thebenefits

The Benefits of a DevSecOps Approach to the SDLC
5ways

5 Ways DevSecOps is Changing the Security Lifecycle
idera

Idera, Inc. Acquires Kiuwan and Bolsters Testing Tools Business with Application Security and Code Testing Capabilities
how-to-implement-devsecops-SII

How to Implement DevSecOps with Your Team
Cybersecurity predictions for 2018 and beyond

Cybersecurity Predictions for 2018 and Beyond
Major data breaches in 2018...So far

Major Data Breaches In 2018…So Far
How much does a data breach cost?

How Much Does a Data Breach Cost?
Coolest Open Source projects for 2018

Coolest Open Source Projects for 2018
How

How Open Source Is Democratizing Technology
Understanding Open Source Licensing

Understanding Open Source Licensing
How to succeed as an Open Source developer

How to Succeed as an Open Source Developer: From Education to Contributor
worst-mistakes

The Worst AppSec Mistakes
5-benefits-sast-x600

Five benefits of using Static Application Securites Testing (SAST) along with Other Security Solutions
The true cost of cybercrime for companies

The True Cost Of Cybercrime For Companies
The biggest security threats of 2018

The Biggest Security Threats of 2018
Open Source Trends of 2018: from openstack to the internet of things

Open Source Trends for 2018: From OpenStack to The Internet of Things
Democratic software: Open Source

Democratic Software: Open Source
Why Open Source? Six major advantages from a security perspective

Why Open Source? Six Major Advantages From a Security Perspective
GDPR makes appsec more imporant than ever

GDPR Makes Appsec More Important than Ever
tips to improve DevSecOps

5 Top Tips to Improve your DevSecOps Practices
Devsecops: follow the leader

DevSecOps: Follow the Leader
Why Companies Need to Know About the OWASP Application Security Verification Standard (ASVS)

Why Companies Need to Know About the OWASP Application Security Verification Standard (ASVS)
dont-get-hacked

Don’t Get Hacked: 5 Important Ways to Protect Your Company’s Assets
OWASP resources for developers

OWASP Resources for Developers
Code analysis methods

Code Analysis Methods
GDPR: General Data Protection Regulation

GDPR – General Data Protection Regulation
Owasp top 10 2017 – A4 XML External Entities (XXE)

Owasp top 10 2017 – A4 XML External Entities (XXE)
NIST - SAMATE

NIST – SAMATE
what-is-application-security-1-si

What is Application Security?
Banner for how Shift Left is Implemented in DevSecOps

How to Implement Shift Left in DevSecOps
7 Reasons Why Incorporating DevOps is Important

7 Reasons Why Incorporating DevOps is Important
DevSecOps: Building a Culture of Responsibility for Network Security

DevSecOps: Building a Culture of Responsibility for Network Security
Application Inventory Management

Application Inventory Management
static-analysis-automated-tests (1)

Static Analysis in Automated Software Quality Tests
Why Automated Code Reviews Need to Include Security Audits

Why Automated Code Reviews Need to Include Security Audits
gain-full-control

Gain full control of open source components
application-sec-in-devops-SI

Application Security in Devops
A9

OWASP Top 10 2017 – A9 Using Components with Known Vulnerabilities
OWASP A3 Sensitive Data Exposure

OWASP Top 10 2017 – A3 Sensitive Data Exposure: Identify Your Weaknesses
OWASP TOP 10 2017- A6 security Misconfiguration

OWASP Top 10 2017 – A6 Security Misconfiguration
OWASP TOP 10 2017- A7 Cross-site Scripting (XSS)

OWASP Top 10 2017 – A7 Cross-site Scripting (XSS)
OWASP TOP 10 2017- A2 Broken Authentication

OWASP Top 10 2017 – A2 Broken Authentication
Captura

Lechazo Conf 2017
CWE Common Weakness Enumeration

CWE Common Weakness Enumeration
OWASP TOP 10 2017- A1 Injection

OWASP Top 10 2017 – A1 Injection
The OWASP Benchmark & Kiuwan

The OWASP Benchmark & Kiuwan
Application Security — Why Businesses Need Application Security

Application Security — Why Businesses Need Application Security
sql-injection-avoid

SQL Injection and How to Avoid It
Suppress false positives in your code analysis

Suppress false positives in your code analysis
Pentesting: What it is and how it works

Pentesting: What it is and how it works
python-analysis

Python Code Analysis with Kiuwan
14-tips-for-angular-si

14 tips for developing AngularJS applications
Code Analysis of Twitter’s DistributedLog

Code Analysis of Twitter’s DistributedLog

Avoid duplicated code with clone detector
CIOs vs Technical Debt: A burden for innovation

CIOs vs Technical Debt: A burden for innovation