Continuous analysis with JetBrains TeamCity

Everybody knows the benefits of CI in the SDLC. I’m not discovering new ground here, but what’s interesting is that you can leverage your continuous integration processes to have a continuous analysis processes to have all the objective information you need from your applications at build time with Kiuwan.

OWASP Top 10 2017 – A5 Security Misconfiguration

Security misconfigurations are "holes" or weaknesses within your computer applications that leave your system vulnerable to attack.

OWASP Top 10 2017 – A4 Broken Access Control

Understanding Authorization To Resolve Broken Access Control Access control (authorization) determines what users communicate with what systems and resources within your company.

OWASP Top 10 2017 – A3 Cross-site Scripting (XSS)

How to Resolve and Prevent XSS Cross site scripting (XSS) occurs when an attacker injects malicious script, like JavaScript, into your web browser which compromises an infected web site.

OWASP Top 10 2017 – A2 Broken Authentication and Session Management

Authentication and session management includes verifying user credentials and managing their active sessions.

Lechazo Conf 2017

Returning from Saturday's LechazoConf 2017, a conference about failures (and successes) of entrepreneurs/startups in Castilla-Leon (and Spain).

CWE Common Weakness Enumeration

The Common Weakness Enumeration Initiative The Common Weakness Enumeration (CWE) is an extension of the Common Vulnerabilities and Exposures (CVE) list compiled by MITRE, a federally-funded, non-profit organization that manages research and development centers supporting government agencies like Homeland Security.

Automated Code Review

The Benefits Of Automated Code Review       According to the

OWASP Benchmark DIY

As is defined in its web page (https://www.

The OWASP Benchmark & Kiuwan

What is the OWASP Benchmark? I'm sure that most of you are familiar with

Kiuwan Indicators

Security and Quality Indicators in Kiuwan: a practical guide   Kiuwan gathers evidence from application's source code using in-house develop Kiuwan static analyzers.

Application Security — Why Businesses Need Application Security

There is almost an endless list of reasons why application security is important to businesses.

Cross Site Request Forgery (CSRF)

Defending Against Cross Site Request Forgery  

How to control Kiuwan Local Analyzer execution in Continuous Integration

A common question from users that run Kiuwan in a Continuous Integration scenario is : How can i control (or be notified of) the results of the execution of Kiuwan Local Analyzer? And furthermore.