Building a secure development process for a retailer. Part 4: Summary of a major project



Interview at GISEC 2023


How DerScanner provides the most accurate result of appsec testing in the market

Security News

SDLC, or How to Make Development More Secure?


With the development culture continuing to evolve rapidly, new code quality assurance tools are appearing on the market and being used in dramatically new and innovative ways. We’ve already written about static analysis, what to pay attention to when choosing an analyzer, and, finally, how to establish a static analysis-based process for your organization.


The Role of Automation in Keeping Software from Malicious, Unintended Usage


What are the results of developer errors in the code? Why are vulnerabilities in software so widespread? And how can DevSecOps and Secure SDLC help? You can find the answers in my guest essay on The Last Watchdog...

Social Network

3 Must-Read Books for an Application Security Manager


Hello friends! Today we will talk about the books that are ‘a must’ for an application security manager. This is my choice, but if you have other nominees for “appsec bestseller”, please share them in the comments. So, let’s start! 1. Hackable: How to Do Application Security Right. Ted Harrington. Who will be first to find vulnerabilities in code...

Social Network

Vulnerabilities in Open Source Projects: Effective Protection


Today let’s talk about why zero-day vulnerabilities in software are so dangerous. There are many types of vulnerabilities known to the information security community and classified by threat or severity level. The term ‘zero-day’ refers to the number of days that the developers have had to fix a new vulnerability. Thus, a zero-day...