Building a secure development process for a retailer. Part 4. Summary of a major project
How DerScanner provides the most accurate result of appsec testing in the market
With the development culture continuing to evolve rapidly, new code quality assurance tools are appearing on the market and being used in dramatically new and innovative ways. We’ve already written about static analysis, what to pay attention to when choosing an analyzer, and, finally, how to establish a static analysis-based process for your organization.
What are the results of developer errors in the code? Why are vulnerabilities in software so widespread? And how can DevSecOps and Secure SDLC help? You can find the answers in my guest essay on The Last Watchdog...
Hello friends! Today we will talk about the books that are ‘a must’ for an application security manager. This is my choice, but if you have other nominees for “appsec bestseller”, please share them in the comments. So, let’s start! 1. Hackable: How to Do Application Security Right. Ted Harrington. Who will be first to find vulnerabilities in code...
Today let’s talk about why zero-day vulnerabilities in software are so dangerous. There are many types of vulnerabilities known to the information security community and classified by threat or severity level. The term ‘zero-day’ refers to the number of days that the developers have had to fix a new vulnerability. Thus, a zero-day...