Author: Steve Galache

Cross Site Request Forgery (CSRF)

Defending Against Cross Site Request Forgery: Cross-Site Request Forgery, or CSRF, sometimes pronounced “Sea Surf,” is an alarmingly simple way to perform unauthorized actions on a website. The trick is this: The user is logged into a restricted site or otherwise has authorization to use it. A URL from a hostile site asks the restricted one to take some…

Application Security — Why Businesses Need Application Security

There is an almost endless list of reasons why application security is important to businesses. Those range from maintaining a positive brand image to preventing security breaches that impact the trust that your clients and shareholders have in your business. The Focal Shift of Hackers: Not so long ago the majority of hacking occurred through weak links in operating systems.…

Pentesting: What it is and how it works

Pentesting is also called penetration testing or ethical hacking. A penetration test is designed to answer the question: “How effective is my current security against a skilled human attacker?” In this article, we’ll go over what it is, why it’s important to businesses and how a skilled pentester works. What is Pentesting? …

Jenkins integration with Kiuwan Code Analysis

A while ago we released our Jenkins plugin as a way to ease the workflow of developers who use Kiuwan, and since then we have had great feedback from our community of users. Measure code security and quality continuously: In a world where companies are embracing DevOps initiatives, we aim to help them integrate the measurement and analysis of their application’s code…

Python code analysis with Kiuwan

Kiuwan’s latest release now includes coverage for Python. Python was conceived in the late 1980s, and its implementation began in December 1989 by Guido van Rossum. Van Rossum is Python’s principal author, and his continuing central role in deciding the direction of Python is reflected in the title given to him by the Python community, benevolent dictator for life (BDFL). Python 2.0…

Integrate Kiuwan static test services with IBM Bluemix DevOps Services

I’m located in Tokyo, but I sometimes collaborate across borders to assist customers. I’m working with Smith Naik, who has been a manager of various IBM software at IBM labs and now works with various customers to provide the best solutions for them. We were wondering how we could provide “static analysis” on the cloud using IBM Bluemix DevOps Services, and Smith found…

14 tips for developing AngularJS applications

AngularJS is one of the most popular JavaScript frameworks for client-side development. An insight into some AngularJS concepts, such as $scopes, two-way data binding and directives, will bring us some important tips to keep in mind while developing AngularJS applications. AngularJS provides an MVC architecture for developing SPAs (Single Page Applications). Key features are two-way data binding, built-in dependency injection, templates…

Jira integration

Kiuwan Software Analytics integrates with JIRA: Developers want and need to have full control of their code. Kiuwan Software Analytics provides that control in terms of the risks developers face, and the effort to maintain a desired level of quality. However, we cannot overlook the fact that developers already use a wide variety of tools to control other aspects of…