Blog - Kiuwan

kiuwan blog

Your news source for Application Security
and Software Analytics.

The Benefits of a DevSecOps Approach to the SDLC

5 Ways DevSecOps is Changing the Security Lifecycle

Idera, Inc. Acquires Kiuwan and Bolsters Testing Tools Business with Application Security and Code Testing Capabilities

how-to-implement-devsecops

How to Implement DevSecOps with Your Team

Cybersecurity predictions for 2018 and beyond

Cybersecurity Predictions for 2018 and Beyond

Major data breaches in 2018...So far

Major Data Breaches In 2018…So Far

How much does a data breach cost?

How Much Does a Data Breach Cost?

Coolest Open Source projects for 2018

Coolest Open Source Projects for 2018

How Open Source is democratazing technology

How Open Source Is Democratizing Technology

Understanding Open Source Licensing

Understanding Open Source Licensing

How to succeed as an Open Source developer

How to Succeed as an Open Source Developer: From Education to Contributor

The Worst AppSec Mistakes

5-benefits-sast (1)

Five benefits of using Static Application Securites Testing (SAST) along with Other Security Solutions

The true cost of cybercrime for companies

The True Cost Of Cybercrime For Companies

The biggest security threats of 2018

The Biggest Security Threats of 2018

Open Source Trends of 2018: from openstack to the internet of things

Open Source Trends for 2018: From OpenStack to The Internet of Things

Democratic software: Open Source

Democratic Software: Open Source

Why Open Source? Six major advantages from a security perspective

Why Open Source? Six Major Advantages From a Security Perspective

GDPR makes appsec more imporant than ever

GDPR Makes Appsec More Important than Ever

5 top tips to improve your devsecops practices

5 Top Tips to Improve your DevSecOps Practices

Devsecops: follow the leader

DevSecOps: Follow the Leader

Why Companies Need to Know About the OWASP Application Security Verification Standard (ASVS)

Why Companies Need to Know About the OWASP Application Security Verification Standard (ASVS)

dont-get-hacked

Don’t Get Hacked: 5 Important Ways to Protect Your Company’s Assets

OWASP resources for developers

OWASP Resources for Developers

Code analysis methods

Code Analysis Methods

GDPR: General Data Protection Regulation

GDPR – General Data Protection Regulation

A comparison of the most popular Open Source licenses

A Comparison Of The Most Popular Open Source Licenses

Owasp top 10 2017 – A10 Insufficient Logging & Monitoring

Owasp top 10 2017 – A10 Insufficient Logging & Monitoring

Owasp Top 10 2017 – A8 Insecure Deserialization

Owasp Top 10 2017 – A8 Insecure Deserialization

Owasp top 10 2017 – A4 XML External Entities (XXE)

Owasp top 10 2017 – A4 XML External Entities (XXE)

continuous analysis with Kiuwan and Visual Studio Team Services (VSTS)

Continuous analysis with Kiuwan and Visual Studio Team Services (VSTS)

NIST – SAMATE

what-is-application-security (1)

What is Application Security?

How Shift Left Is Implemented in DevSecOps

How Shift Left Is Implemented in DevSecOps

7 Reasons Why Incorporating DevOps is Important

7 Reasons Why Incorporating DevOps is Important

DevSecOps: Building a Culture of Responsibility for Network Security

DevSecOps: Building a Culture of Responsibility for Network Security

Application Inventory Management

Application Inventory Management

static-analysis-automated-tests (1)

Static Analysis in Automated Software Quality Tests

Why Automated Code Reviews Need to Include Security Audits

Why Automated Code Reviews Need to Include Security Audits

gain-full-control

Gain full control of open source components

Security standards in software development

Security standards in software development

application-sec-in-devops

Application Security in Devops

Continuous analysis with Team Foundation Server (TFS) 2017

OWASP Top 10 2017 – A9 Using Components with Known Vulnerabilities

OWASP A3 Sensitive Data Exposure

OWASP Top 10 2017 – A3 Sensitive Data Exposure: Identify Your Weaknesses

kiuwanteamcity-2

Continuous analysis with JetBrains TeamCity

OWASP TOP 10 2017- A6 security Misconfiguration

OWASP Top 10 2017 – A6 Security Misconfiguration

OWASP TOP 10 2017- Broken access control

OWASP Top 10 2017 – A5 Broken Access Control

OWASP TOP 10 2017- A7 Cross-site Scripting (XSS)

OWASP Top 10 2017 – A7 Cross-site Scripting (XSS)

OWASP TOP 10 2017- A2 Broken Authentication

OWASP Top 10 2017 – A2 Broken Authentication

Lechazo Conf 2017

CWE Common Weakness Enumeration

CWE Common Weakness Enumeration

OWASP TOP 10 2017- A1 Injection

OWASP Top 10 2017 – A1 Injection

Automated Code Review

Automated Code Review

Owasp Benchmark

OWASP Benchmark DIY

The OWASP Benchmark & Kiuwan

The OWASP Benchmark & Kiuwan

Kiuwan indicators: security and quality indicators in Kiuwan: a practical guide

Kiuwan Indicators

Application Security — Why Businesses Need Application Security

Application Security — Why Businesses Need Application Security

How to control Kiuwan Local Analyzer execution in Continuous Integration

How to control Kiuwan Local Analyzer execution in Continuous Integration

sql-injection-avoid

SQL Injection and How to Avoid It

Suppress false positives in your code analysis

Suppress false positives in your code analysis

Pentesting: What it is and how it works

Pentesting: What it is and how it works

Jenkins integration with Kiuwan Code Analysis

Jenkins integration with Kiuwan Code Analysis

Python code analysis with Kiuwan

Python code analysis with Kiuwan

Integrate Kiuwan static test services with IBM Bluemix DevOps Services

Integrate Kiuwan static test services with IBM Bluemix DevOps Services

Ruby goes to Kiuwan

Continuous Inspection with Team Foundation Server

Bad guys love REST

14-tips-for-angular

14 tips for developing AngularJS applications

kiuwan-jira-integration

Jira integration

Code Analysis of Twitter’s DistributedLog

Code Analysis of Twitter’s DistributedLog

OWASP Top 10: how to discover vulnerabilities in your Java applications

OWASP Top 10: how to discover vulnerabilities in your Java applications

Analyzing C and C++

Analyzing C and C++

perform-k-analysis-abap

Perform Kiuwan analysis in your ABAP Development Life Cycle

OWASP Top 10: how to discover vulnerabilities in your C# applications

OWASP Top 10: how to discover vulnerabilities in your C# applications

SAP Code Quality & Security Vulnerabilities detection

SAP Code Quality & Security Vulnerabilities detection

Avoid duplicated code with clone detector

Avoid duplicated code with clone detector

CIOs vs Technical Debt: A burden for innovation

CIOs vs Technical Debt: A burden for innovation

sap-abab-continuous-analysis

Security in business-oriented languages: ABAP

cobol-security-business-oriented

Security in business-oriented languages: COBOL and RPG

How to create new zero-code Kiuwan rules

No time to fix defects? 6 actions to never give up

Analyzing C and C++

C/C++ analysis with Kiuwan, part II

Rules development (II): basis for implementation

Rules development for Kiuwan (V): Query API

sap-abab-continuous-analysis

ABAP: continuous analysis with Kiuwan

Rules development (IV): Basic API – navigating through the AST

Rules development (IV): Basic API – navigating through the AST

How to configure Kiuwan authentication with your own LDAP service

How to configure Kiuwan authentication with your own LDAP service

Rules development (III): debugging custom rules

Rules development (III): debugging custom rules

Rules development (II): basis for implementation

Rules development (II): basis for implementation

Rules development for KIUWAN (I): Where do we start?

Rules development for KIUWAN (I): Where do we start?

Perform Kiuwan analysis in your ABAP Development Life Cycle

Static analysis for ABAP

Running Local Analyzer with Kiuwan