kiuwan blog

Your news source for Application Security
and Software Analytics.

understanding-open-source

Understanding Open Source Licensing
how-to-succeed

How to Succeed as an Open Source Developer: From Education to Contributor
worst-mistakes

The Worst AppSec Mistakes
benefits-using-sast

Five benefits of using Static Application Securites Testing (SAST) along with Other Security Solutions
true-cost

The True Cost Of Cybercrime For Companies
biggest-security-threats

The Biggest Security Threats of 2018
open-source-trends

Open Source Trends for 2018: From OpenStack to The Internet of Things
democratic-software (1)

Democratic Software: Open Source
why-open-source

Why Open Source? Six Major Advantages From a Security Perspective
gdpr-more-important

GDPR Makes Appsec More Important than Ever
5-top-tips-devsecops

5 Top Tips to Improve your DevSecOps Practices
devsecops-follow-the-leader

DevSecOps: Follow the Leader
asvs

Why Companies Need to Know About the OWASP Application Security Verification Standard (ASVS)
dont-get-hacked

Don’t Get Hacked: 5 Important Ways to Protect Your Company’s Assets
owasp-resources-for-developers

OWASP Resources for Developers
code-analysis-methods

Code Analysis Methods
GDPR

GDPR – General Data Protection Regulation
open-source-comparison

A Comparison Of The Most Popular Open Source Licenses
A10

Owasp top 10 2017 – A10 Insufficient Logging & Monitoring
A8

Owasp Top 10 2017 – A8 Insecure Deserialization
Owasp A4 XML External Entities

Owasp top 10 2017 – A4 XML External Entities (XXE)
visualst

Continuous analysis with Kiuwan and Visual Studio Team Services (VSTS)
samate-nist

NIST – SAMATE
application security

What is Application Security?
shift-left (1)

How Shift Left Is Implemented in DevSecOps
7reasons

7 Reasons Why Incorporating DevOps is Important
devsecops-building-a-culture

DevSecOps: Building a Culture of Responsibility for Network Security
how-aim-unlocks

Application Inventory Management
static-analysis-in-sw-quality

Static Analysis in Automated Software Quality Tests
why-automated-code-reviews

Why Automated Code Reviews Need to Include Security Audits
gain-full-control-open-source

Gain full control of open source components
security-strds-software-dev

Security standards in software development
Devops app security

Application Security in Devops
kiuwan-tfs

Continuous analysis with Team Foundation Server (TFS) 2017
A9

OWASP Top 10 2017 – A9 Using Components with Known Vulnerabilities
OWASP A3 Sensitive Data Exposure

OWASP Top 10 2017 – A3 Sensitive Data Exposure: Identify Your Weaknesses
kiuwanteamcity (1)

Continuous analysis with JetBrains TeamCity
A6

OWASP Top 10 2017 – A6 Security Misconfiguration
A5

OWASP Top 10 2017 – A5 Broken Access Control
A7

OWASP Top 10 2017 – A7 Cross-site Scripting (XSS)
OWASP A2 Broken Authentication

OWASP Top 10 2017 – A2 Broken Authentication
Captura

Lechazo Conf 2017
CWE

CWE Common Weakness Enumeration
OWASP A1

OWASP Top 10 2017 – A1 Injection
code review

Automated Code Review
Owasp Benchmark

OWASP Benchmark DIY
meme1

The OWASP Benchmark & Kiuwan
d-1

Kiuwan Indicators
application security

Application Security — Why Businesses Need Application Security
continuous

How to control Kiuwan Local Analyzer execution in Continuous Integration
injection

SQL Injection and How to Avoid It
suppress-false-positives

Suppress false positives in your code analysis
hack_img6

Pentesting: What it is and how it works
jenkins

Jenkins integration with Kiuwan Code Analysis
python-1

Python code analysis with Kiuwan
IBM-Bluemix

Integrate Kiuwan static test services with IBM Bluemix DevOps Services
ruby

Ruby goes to Kiuwan
inspection

Continuous Inspection with Team Foundation Server
Sin-título

Bad guys love REST
Sin-título-2

14 tips for developing AngularJS applications
kiuwan-jira-integration

Jira integration
twitter-140-media

Code Analysis of Twitter’s DistributedLog
top 10

OWASP Top 10: how to discover vulnerabilities in your Java applications
cc

Analyzing C and C++
sap

Perform Kiuwan analysis in your ABAP Development Life Cycle
top-10

OWASP Top 10: how to discover vulnerabilities in your C# applications
sap-code-vulnerabilities-detection

SAP Code Quality & Security Vulnerabilities detection
duplicated

Avoid duplicated code with clone detector
errr

CIOs vs Technical Debt: A burden for innovation
sap-abab-continuous-analysis

Security in business-oriented languages: ABAP
old

Security in business-oriented languages: COBOL and RPG
scratch

How to create new zero-code Kiuwan rules
fix

No time to fix defects? 6 actions to never give up
cc

C/C++ analysis with Kiuwan, part II
rules

Rules development for Kiuwan (V): Query API
sap-abab-continuous-analysis

ABAP: continuous analysis with Kiuwan
rules2

Rules development (IV): Basic API – navigating through the AST
ldap

How to configure Kiuwan authentication with your own LDAP service
rules3

Rules development (III): debugging custom rules
rules

Rules development (II): basis for implementation
rules4

Rules development for KIUWAN (I): Where do we start?
sap

Static analysis for ABAP

Running Local Analyzer with Kiuwan