AppSec Training – Necessary, but not sufficient

AppSec Training – Necessary, but not sufficient

It’s no secret that the earlier you discover security bugs in the software development life cycle (SDLC), the more time, money, and resources you will save. While making use of “reactive” security testing tools such as SAST and IAST is necessary to prevent vulnerabilities from entering production, a proactive approach ... Read More
Houston [I mean Bulgaria], we’ve got a problem

Houston [I mean Bulgaria], we’ve got a problem

Every relationship is built on trust. Trust is at the core of every lasting relationship, whether it’s between family members, between spouses, between organizations and their customers, and even between citizens and their government. At the start of this week, this trust was unfortunately violated in Bulgaria. The data of ... Read More
What the heck is IAST?

What the heck is IAST?

The application security testing (AST) world is made up of different solutions, all with one ultimate goal – to protect software from hackers, and their attacks. SAST and DAST are perhaps the two most common and well-known solutions. In the last few years, a newcomer has gradually received more-and-more attention ... Read More
SAST & IAST – The Power Couple in the DevSecOps Era

SAST & IAST – The Power Couple in the DevSecOps Era

DevSecOps has become one of the hottest buzzwords in the DevOps and security ecosystem over the past couple of years. But what is it, and how do you turn it into reality? DevSecOps executes on the belief that security and development teams are jointly responsible for bolstering security – essentially ... Read More