How Contained are your Issues with Containers?
In the 1948, an American chemist named Earl Tupper introduced a new type of plastic container. It was a fantastic […]
September 8, 2020
The 10 Step Application Security Test
Securing apps is a major challenge and achievement for any organization. For an app to be secure, it should not […]
September 3, 2020
3 Reasons You Should Be Threat Modelling Today
Let’s be straight here. I’m sure a lot of you have the sneaking suspicion that this article and threat modelling […]
August 20, 2020
7 Features that make ZAP Great for Application Security Testing
Why do we love ZAP for Application Security Testing? The Zed Attack Proxy (ZAP) is one of the most widely-used […]
August 13, 2020
5 Mistakes to Avoid in Enterprise Security Management
A lot of organisations think of Enterprise Security Management like a bad roommate — can’t live with ‘em, can’t live […]
August 6, 2020
Top 10 Security Risks In Serverless
How does security work in Serverless? When you go serverless, it’s the serverless provider (eg. AWS lambda, Google Cloud Functions […]
July 27, 2020
The AppSec Skill Gap and what we’re doing to Fix it!
If you had told anyone about 30 years ago that there would be a way for anyone in the world […]
April 30, 2020
Why Development and Security Teams need Holistic Learning
One of the primary causes that hinder effective application security in organisations, is the rift between development (engineering) and security […]
April 17, 2020
Perils of Local File Inclusion in File Download
Local File Inclusion (LFI) is a flaw that allows an attacker to disclose or execute files that are already present […]
January 6, 2020
Progressions in our AppSec Testing
We’ve reached a point in time when personas identify differences between “pentesting” and “pen-testing”….and rightfully so. While the actual merit […]