What’s new in the OWASP Proactive Controls for 2024
I have taught a number of application security classes to developers. When it comes to ...
Continue Reading
Many Hands Approach To AppSec
"If you want to frustrate a good developer, interfere with their ability to complete work." - ...
Continue Reading
The CISO's Myopia
Fifteen years ago, I wrote an article entitled "The CSO’s Myopia." At the time, I aimed to ...
Continue Reading
Kubernetes Pentesting: The Hacker’s Harvest
Are you ready to dive into the world of Kubernetes pentesting? Join us for our upcoming webcast, ...
Continue Reading
From Code to Cloud: Strengthening IaC Security with SAST
Infrastructure as Code (IaC) is a cornerstone in modern DevOps and DevSecOps practices, but how do ...
Continue Reading
NMAP in Action: API's
In a recent blog post, my coworker Josh introduced the fundamentals of NMAP and highlighted its ...
Continue Reading
Tartar Sauce for your Phishing Program
Phishing awareness exercises have become a common part of the larger security strategy for many ...
Continue Reading
From Linux to PowerShell and Back: A Quick Command Reference
Quick Overview If you are like me, you are switching back and forth between Linux and Windows ...
Continue Reading
Flipper Zero: Hardware Hacking JTAG and SWD Webcast
The Flipper Zero is known as a hacking multitool. It can cover a range of hacking from sub-ghz ...
Continue Reading
The Client-Side Security Trap: A Warning For Developers
application security |
SDLC |
framework |
Secure Development |
Software Development |
Secure Coding Practices |
client-side Security |
Content Security Policy |
Lifecycle |
Front-End Security
Considering the inherent complexities of modern web development, understanding the distinct roles ...
Continue Reading
Top 5 Security Considerations for a New Web App: 5. Establishing a Dependency Patching Plan
Welcome to our comprehensive series on the Top 5 Security Considerations for a New Web App. This ...
Continue Reading