Why Open Source? Six Major Advantages From a Security Perspective

The concept of open source software has shifted considerably from what some enterprises once thought about it.

GDPR Makes Appsec More Important than Ever

With the coming of GDPR, the stakes in application security get still higher.

5 Top Tips to Improve your DevSecOps Practices

DevSecOps is becoming more and more important to companies to stay afloat.

DevSecOps: Follow the Leader

When we think of security, especially the deep embedded and core measures introduced by DevSecOps, we often think of these measures in terms of insurance - and rightly so.

Why Companies Need to Know About the OWASP Application Security Verification Standard (ASVS)

While we've discussed OWASP (Open Web Application Security Project), its importance to the security of applications and development, and the standards it sets, there are other aspects that deserve our attention.

Don’t Get Hacked: 5 Important Ways to Protect Your Company’s Assets

Malware has become a constant reality for most businesses.

OWASP Resources for Developers

The OWASP project is concerned with all aspects of application security and trust.

Code Analysis Methods

Software tools for code analysis let developers create code which has fewer bugs and is more secure.

GDPR – General Data Protection Regulation

The GDPR is Promoting a Culture Change About Data Privacy: The importance and need for security has never been greater, in particular with personal and data security.

OWASP Top 10 2017 – A10 Insufficient Logging & Monitoring

Audit Trail Vulnerabilities: Insufficient Logging and Monitoring. Insufficient logging and monitoring of computer systems, applications and networks provides multiple gateways to probes and breaches that can be difficult or impossible to identify and resolve without a viable audit trail.

OWASP Top 10 2017 – A8 Insecure Deserialization

What Insecure Deserialization Is Capable Of: The new 2017 OWASP Top 10 shows that insecure deserialization has edged out CSRF (Cross-site Request Forgery) from the NO.

OWASP Top 10 2017 – A4 XML External Entities (XXE)

Understanding How External Entities Attack XML Files: Extensible Markup Language (XML) files are plain-text files that describe data behavior as that data relates to a connected network or server application.

Continuous analysis with Kiuwan and Visual Studio Team Services (VSTS)

Microsoft is no longer the company that neglects everything that has anything to do with the Internet.

NIST – SAMATE

If you live in the world of AppSec, ever visit the realm of software development, or know the landscape of DevOps security, for example, then you understand and appreciate NIST.