DEV Community
#appsec
Posts
Security is Everybody's Job - Part 1 - DevSecOps
Tanya Janca, Apr 8 '20
#devops #beginners #devsecops #appsec
55 reactions, 2 comments, 3 min read

Pushing Left, Like a Boss - Part 7: Code Review and Static Code Analysis
Tanya Janca for Microsoft Azure, Sep 20 '19
#applicationsecurity #appsec #beginners #security
49 reactions, 2 comments, 1 min read

Security is Everybody's Job - Part 2 - What is application security?
Tanya Janca, Apr 17 '20
#devops #beginners #devsecops #appsec
30 reactions, 3 comments, 4 min read

How to identify vulnerabilities in source code?
Gabriel Galdino, Nov 21 '23
#webdev #appsec #security #devops
23 reactions, 3 comments, 8 min read

Secure coding tips in C#
Gabriel Galdino, Nov 7 '23
#appsec #security #csharp #dotnet
23 reactions, 3 comments, 9 min read

Pushing Left, Like a Boss - Part 5.13 - HTTPS only
Tanya Janca for Microsoft Azure, Sep 16 '19
#programming #appsec #beginners #security
18 reactions, 1 min read

Pushing Left, Like a Boss - Part 5.2 - Use Safe Dependencies
Tanya Janca for Microsoft Azure, May 15 '19
#appsec #tutorial #beginners #security
18 reactions, 3 comments, 1 min read

Pushing Left, Like a Boss - Part 6: Threat Modelling
Tanya Janca for Microsoft Azure, Sep 19 '19
#applicationsecurity #tutorial #beginners #appsec
18 reactions, 1 min read

Pushing Left, Like a Boss, Part 5.14 Secure Coding Summary
Tanya Janca for Microsoft Azure, Sep 19 '19
#applicationsecurity #tutorial #beginners #appsec
17 reactions, 1 min read

Security is Everybody's Job - Part 3 - What IS DevOps?
Tanya Janca, May 21 '20
#devops #beginners #devsecops #appsec
16 reactions, 2 min read

Secure coding: why does every dev need to know it?
Gabriel Galdino, Aug 24 '23
#appsec #codereview #devsecops
16 reactions, 3 comments, 2 min read

Publishing an obfuscated kotlin library
Iury Souza, Dec 27 '20
#kotlin #java #appsec #gradle
14 reactions, 6 min read

Secure by default, unsafe by you
Artur Balsam, Sep 25 '21
#security #appsec #react #mithril
14 reactions, 2 min read

Security is Everybody's Job - Part 6 - The Second Way
Tanya Janca, Jul 7 '20
#devops #beginners #devsecops #appsec
14 reactions, 3 min read

2 free data security tools every dev should know (and use)
Cossack Labs, Mar 18 '22
#security #appsec #encryption #opensource
13 reactions, 3 comments, 2 min read

AMA: Where can we learn Threat Modelling?
Tanya Janca, May 14 '20
#threat #application #security #appsec
12 reactions, 1 comment, 2 min read

What comes after pentesting?
Gabriel Galdino, Jan 31
#braziliandevs #pentest #security #appsec
12 reactions, 13 min read

Encryption in ⛅ cloud native apps
Cossack Labs, May 12 '22
#cloudnative #encryption #cryptography #appsec
11 reactions, 3 min read

Pushing Left, Like a Boss - Part 10: Special AppSec Activities and Situations
Tanya Janca for Microsoft Azure, Oct 2 '19
#security #appsec #beginners
11 reactions, 2 min read

Explaining the OWASP Top 4 "Insecure Design" for developers
Gabriel Galdino, Feb 23 '23
#owasp #appsec #beginners #security
10 reactions, 3 min read

To Secure Today's Code, It's Time to Shift Left
advocatemack, Mar 30 '21
#cybersecurity #appsec #security #infosec
10 reactions, 6 min read

Threads of the Next Wave of DevOps
bfuller, Sep 13 '23
#devops #appsec #collaboration #nextops
9 reactions, 7 min read

How to build a secure crypto wallet
Cossack Labs, Dec 15 '21
#cryptography #cryptocurrency #appsec #datasecurity
9 reactions, 3 comments, 1 min read

Thinking about AppSec culture
Gabriel Galdino, Dec 21 '23
#culture #appsec #braziliandevs #security
8 reactions, 1 comment, 3 min read

Scanning the Damn Vulnerable Web App with StackHawk
Scott Gerlach, Apr 18 '20
#appsec #development #dast #security
8 reactions, 10 min read

AMA: DevSecOps versus Secure SDLC
Tanya Janca, Apr 19 '20
#appsec #sdlc #development #programming
8 reactions, 2 comments, 1 min read

What do appsec and fire extinguishers have in common?
Cossack Labs, Apr 13 '21
#security #appdev #appsec #riskmanagement
8 reactions, 3 min read

How AWS's EC2 Instance Metadata V2 Prevents SSRF
Ari Kalfus, Nov 23 '19
#security #cloud #aws #appsec
8 reactions, 7 min read

ThreatMapper 1.3.0: Now with Secret Scanning, Runtime SBOMs, and More
Deepfence, Mar 15 '22
#sbom #devsecops #infosec #appsec
7 reactions, 5 min read

Security Champion
Farman Pirzada, Jul 8 '19
#securitychampion #appsec #infosec #owasp
7 reactions, 2 min read

Codecov supply chain attack - Step by step breakdown
advocatemack, Jun 21 '21
#security #appsec #devops #hacking
7 reactions, 7 min read

Subscribe to a new newsletter for security-aware developers!
Cossack Labs, Aug 22 '22
#security #cryptography #devsecops #appsec
6 reactions, 1 min read

How to Automate OWASP ZAP
Simon Bennetts for Jit - Minimum Viable Security for Developers, Sep 14 '22
#owasp #opensource #security #appsec
6 reactions, 1 comment, 8 min read

What is Minimum Viable Security (MVS) and how does it improve the life of developers?
David Melamed for Jit - Minimum Viable Security for Developers, Jul 5 '22
#security #appsec #devsecops #mvs
6 reactions, 1 comment, 6 min read

Security is Everybody's Job - Part 5 - The First Way
Tanya Janca, Jun 4 '20
#devops #beginners #devsecops #appsec
6 reactions, 4 min read

Using StackHawk in GitLab - Know Before You Go (Live)
Scott Gerlach, Apr 21 '20
#appsec #cicd #devops #development
6 reactions, 7 min read

AMA AppSec: What would you tell University Students about Application Security?
Tanya Janca, Apr 7 '20
#ama #appsec #security #university
6 reactions, 2 min read

One Year Anniversary of We Hack Purple
Tanya Janca, Mar 10 '21
#startup #appsec #business #purple
5 reactions, 4 min read

Exploring 🚩🚩🚩 red flags in React Native security libraries
Cossack Labs, Feb 16 '22
#reactnative #appsec #cryptography #opensource
5 reactions, 2 min read

Network Traffic Observability: Three PacketStreamer Use Cases
Deepfence, May 9 '22
#devsecops #infosec #appsec #cybersecurity
5 reactions, 3 min read

Securing Your Applications on AWS: Guide to Data Privacy and Protection
Wilklins Nyatteng for AWS Community Builders, Nov 27 '23
#aws #appsec #infosec #devsecops
5 reactions, 3 min read

Security by incident and surprise
Artur Balsam, Sep 25 '21
#security #csrf #html #appsec
5 reactions, 4 min read

The Importance of Inventory
Tanya Janca, Nov 18 '19
#appsec #infosec #security #inventory
5 reactions, 6 min read

Authentication bypass in cryptography library
Artur Balsam, Sep 25 '21
#security #appsec #bcrpyt
5 reactions, 3 min read

Spring Boot: Prevent Log Injection Attacks With Logback
0xdbe, Mar 13 '22
#security #appsec #spring
5 reactions, 4 min read

Explaining the OWASP Top 1 "Broken Access Control" for developers
Gabriel Galdino, Jan 25 '23
#owasp #appsec #security #accesscontrol
5 reactions, 7 min read

Angular Security - Disable Inline Critical CSS
0xdbe, Sep 6 '21
#security #appsec #angular
5 reactions, 2 comments, 2 min read

How to Approach DevSecOps Security Automation
Gary Robinson, Apr 5 '22
#devops #devsecop #appsec #security
5 reactions, 5 min read

Hacking the SDLC: Win the Minds of your Developers
Michael Rossoni, Jan 18 '20
#appsec #devsecops #sdlc #productsecurity
5 reactions, 4 min read

GitHub: How To Enable Code Scanning With Semgrep
0xdbe, Nov 9 '22
#security #appsec #github
5 reactions, 3 min read

Alice and Bob Learn: Chapter Discussions
Tanya Janca, Mar 20 '21
#application #security #appsec #devsecops
5 reactions, 2 min read

AppSec: Some testing technique explained DAST, SAST, IAST, OSA/SCA
coadaflorin, Apr 13 '20
#appsec #security
5 reactions, 1 comment, 7 min read

VMClarity: Virtual Machine Security
Shannon McFarland for Outshift By Cisco, Apr 13 '23
#sbom #opensource #appsec
4 reactions, 1 comment, 2 min read

Breaking and building encryption in NFC digital wallets 📳
Cossack Labs, Mar 28 '23
#encryption #cryptography #security #appsec
4 reactions, 2 min read

How to get your boss to approve the training you want
Tanya Janca, Dec 5 '20
#training #appsec #infosec #devsecops
4 reactions, 4 min read

open-appsec NGINX WAF makes machine learning friendly using gamification
openappsec, Sep 28 '22
#cloudnative #nginx #kubernetes #appsec
4 reactions, 2 min read

How to approach DevSecOps security automation
Gary Robinson, Jul 21 '21
#devops #security #sre #appsec
4 reactions, 4 min read

Doing DevSecOps without constant CI/CD changes
Gary Robinson, Apr 19 '22
#security #devops #appsec #cybersecurity
4 reactions, 5 min read

Getting to know OWASP
Fernando Guisso, Apr 2 '20
#owasp #appsec #infosec #security
3 reactions, 3 min read

Explaining the OWASP Top 2 "Cryptographic Failures" for developers
Gabriel Galdino, Feb 2 '23
#owasp #appsec #cryptographic
3 reactions, 5 min read