DEV Community

# appsec

Application security topics beyond the web, including mobile and desktop applications.

Posts

đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.
What AppSec Engineers Actually Do (and Why It Matters)
mohamed_aboelkheir profile

What AppSec Engineers Actually Do (and Why It Matters)

#appsec #cybersecurity #security #design
Comments
7 min read
If Your Security Scanner Can't See Attack Chains, You're Flying Blind
eldor_zufarov_1966 profile

If Your Security Scanner Can't See Attack Chains, You're Flying Blind

#devsecops #appsec #cybersecurity #fintech
Comments
5 min read
What Government Data Breaches Teach Us About Access Control
logiqode profile

What Government Data Breaches Teach Us About Access Control

#security #appsec #devops #typescript
Comments
5 min read
Secure System Design -- 14 Challenges
fosres profile

Secure System Design -- 14 Challenges

#security #appsec #cloudsec #opensource
Comments
31 min read
From LOW to CRITICAL: How a 5-Step Vulnerability Chain Goes Undetected by Flat Scanners
eldor_zufarov_1966 profile

From LOW to CRITICAL: How a 5-Step Vulnerability Chain Goes Undetected by Flat Scanners

#security #appsec #vulnerabilities #devops
Comments
3 min read
Are You Still Checking Binary Hardening by Hand? I Built bincheck in Rust
kazu11max17 profile

Are You Still Checking Binary Hardening by Hand? I Built bincheck in Rust

#rust #security #appsec #devops
Comments
2 min read
Execute First, Ask Never: A Vulnerability in snyk-agent-scan
pachilo profile

Execute First, Ask Never: A Vulnerability in snyk-agent-scan

#agents #ai #appsec #mcp
2
Comments
8 min read
From Alert Lists to Exploit Graphs: How Auditor Core Changes the Security Calculus
eldor_zufarov_1966 profile

From Alert Lists to Exploit Graphs: How Auditor Core Changes the Security Calculus

#cybersecurity #appsec #architecture #devsecops
Comments
5 min read
Subdomain Takeover is Not Just Phishing: How Acronis Nearly Lost Authenticated API Access
bala_paranj_059d338e44e7e profile

Subdomain Takeover is Not Just Phishing: How Acronis Nearly Lost Authenticated API Access

#security #aws #cloud #appsec
Comments
6 min read
Shift-Left Chain Enforcement: Blocking Vulnerability Chains at Commit Time
eldor_zufarov_1966 profile

Shift-Left Chain Enforcement: Blocking Vulnerability Chains at Commit Time

#security #appsec #vulnerabilities #ai
Comments
5 min read
Why I Built CVE Lite CLI: Moving From "Security Debt" to Real-Time Scanning
sonukapoor profile

Why I Built CVE Lite CLI: Moving From "Security Debt" to Real-Time Scanning

#appsec #security #cli
1
Comments
4 min read
The New Wave of Accessibility-Service Malware Explained
vaibhav_shakya_e6b352bfc4 profile

The New Wave of Accessibility-Service Malware Explained

#android #appsec #cybersecurity #systemdesign
1
Comments 1
1 min read
Why Device Binding Fails — And How Attackers Bypass It
vaibhav_shakya_e6b352bfc4 profile

Why Device Binding Fails — And How Attackers Bypass It

#mobilesecurity #appsec #backendsecurity #systemdesign
Comments
1 min read
NomShub: How to Check If Your Mac Was Affected by the Cursor Sandbox Escape
armor1ai profile

NomShub: How to Check If Your Mac Was Affected by the Cursor Sandbox Escape

#security #agents #appsec #cursor
Comments
5 min read
A Complete Guide to Securing AI-Generated Code: From Pre-LLM Sanitization to AI-Native SAST (2026)
natasha_joshi_ profile

A Complete Guide to Securing AI-Generated Code: From Pre-LLM Sanitization to AI-Native SAST (2026)

#codesecurity #appsec #coding #productivity
Comments
7 min read
đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.