kiuwan blog

Your news source for Application Security
and Software Analytics.

implementdevsecops3

How to Implement DevSecOps with Your Team
predictions

Cybersecurity Predictions for 2018 and Beyond
majordatabreaches

Major Data Breaches In 2018…So Far
databreachcost

How Much Does a Data Breach Cost?
COOLEST

Coolest Open Source Projects for 2018
democratizing

How Open Source Is Democratizing Technology
understanding-open-source

Understanding Open Source Licensing
how-to-succeed

How to Succeed as an Open Source Developer: From Education to Contributor
worst-mistakes

The Worst AppSec Mistakes
benefits-using-sast

Five benefits of using Static Application Securites Testing (SAST) along with Other Security Solutions
true-cost

The True Cost Of Cybercrime For Companies
biggest-security-threats

The Biggest Security Threats of 2018
open-source-trends

Open Source Trends for 2018: From OpenStack to The Internet of Things
democratic-software (1)

Democratic Software: Open Source
why-open-source

Why Open Source? Six Major Advantages From a Security Perspective
gdpr-more-important

GDPR Makes Appsec More Important than Ever
5-top-tips-devsecops

5 Top Tips to Improve your DevSecOps Practices
devsecops-follow-the-leader

DevSecOps: Follow the Leader
asvs

Why Companies Need to Know About the OWASP Application Security Verification Standard (ASVS)
dont-get-hacked

Don’t Get Hacked: 5 Important Ways to Protect Your Company’s Assets
owasp-resources-for-developers

OWASP Resources for Developers
code-analysis-methods

Code Analysis Methods
GDPR

GDPR – General Data Protection Regulation
open-source-comparison

A Comparison Of The Most Popular Open Source Licenses
A10

Owasp top 10 2017 – A10 Insufficient Logging & Monitoring
A8

Owasp Top 10 2017 – A8 Insecure Deserialization
Owasp A4 XML External Entities

Owasp top 10 2017 – A4 XML External Entities (XXE)
visualst

Continuous analysis with Kiuwan and Visual Studio Team Services (VSTS)
samate-nist

NIST – SAMATE
application security

What is Application Security?
shift-left (1)

How Shift Left Is Implemented in DevSecOps
7reasons

7 Reasons Why Incorporating DevOps is Important
devsecops-building-a-culture

DevSecOps: Building a Culture of Responsibility for Network Security
how-aim-unlocks

Application Inventory Management
static-analysis-in-sw-quality

Static Analysis in Automated Software Quality Tests
why-automated-code-reviews

Why Automated Code Reviews Need to Include Security Audits
gain-full-control-open-source

Gain full control of open source components
security-strds-software-dev

Security standards in software development
Devops app security

Application Security in Devops
kiuwan-tfs

Continuous analysis with Team Foundation Server (TFS) 2017
A9

OWASP Top 10 2017 – A9 Using Components with Known Vulnerabilities
OWASP A3 Sensitive Data Exposure

OWASP Top 10 2017 – A3 Sensitive Data Exposure: Identify Your Weaknesses
kiuwanteamcity (1)

Continuous analysis with JetBrains TeamCity
A6

OWASP Top 10 2017 – A6 Security Misconfiguration
A5

OWASP Top 10 2017 – A5 Broken Access Control
A7

OWASP Top 10 2017 – A7 Cross-site Scripting (XSS)
OWASP A2 Broken Authentication

OWASP Top 10 2017 – A2 Broken Authentication
Captura

Lechazo Conf 2017
CWE

CWE Common Weakness Enumeration
OWASP A1

OWASP Top 10 2017 – A1 Injection
code review

Automated Code Review
Owasp Benchmark

OWASP Benchmark DIY
meme1

The OWASP Benchmark & Kiuwan
d-1

Kiuwan Indicators
application security

Application Security — Why Businesses Need Application Security
continuous

How to control Kiuwan Local Analyzer execution in Continuous Integration
injection

SQL Injection and How to Avoid It
suppress-false-positives

Suppress false positives in your code analysis
hack_img6

Pentesting: What it is and how it works
jenkins

Jenkins integration with Kiuwan Code Analysis
python-1

Python code analysis with Kiuwan
IBM-Bluemix

Integrate Kiuwan static test services with IBM Bluemix DevOps Services
ruby

Ruby goes to Kiuwan
inspection

Continuous Inspection with Team Foundation Server
Sin-título

Bad guys love REST
Sin-título-2

14 tips for developing AngularJS applications
kiuwan-jira-integration

Jira integration
twitter-140-media

Code Analysis of Twitter’s DistributedLog
top 10

OWASP Top 10: how to discover vulnerabilities in your Java applications
cc

Analyzing C and C++
sap

Perform Kiuwan analysis in your ABAP Development Life Cycle
top-10

OWASP Top 10: how to discover vulnerabilities in your C# applications
sap-code-vulnerabilities-detection

SAP Code Quality & Security Vulnerabilities detection
duplicated

Avoid duplicated code with clone detector
errr

CIOs vs Technical Debt: A burden for innovation
sap-abab-continuous-analysis

Security in business-oriented languages: ABAP
old

Security in business-oriented languages: COBOL and RPG
scratch

How to create new zero-code Kiuwan rules
fix

No time to fix defects? 6 actions to never give up
cc

C/C++ analysis with Kiuwan, part II
rules

Rules development for Kiuwan (V): Query API
sap-abab-continuous-analysis

ABAP: continuous analysis with Kiuwan
rules2

Rules development (IV): Basic API – navigating through the AST
ldap

How to configure Kiuwan authentication with your own LDAP service
rules3

Rules development (III): debugging custom rules
rules

Rules development (II): basis for implementation
rules4

Rules development for KIUWAN (I): Where do we start?
sap

Static analysis for ABAP

Running Local Analyzer with Kiuwan