DevSecOps in Practice: How to Embed Security into the DevOps Lifecycle
You???ve heard of DevOps. And by now, you???ve probably also heard of DevSecOps, which extends DevOps principles into the realm of security. In DevSecOps, security breaks out of its ???silo??? and becomes a core part of the DevOps lifecycle. That, at least, is the theory behind DevSecOps. What???s often more ... Read More
Automated Security Testing for Developers
Today, more than ever before, development organizations are focusing their efforts on reducing the amount of time it takes to develop and deliver software applications. While this increase in velocity provides significant benefits for the end users and the business, it does complicate the process for testing and verifying the ... Read More
Preventing CSRF Attacks
Cross-site request forgery (CSRF, sometimes pronounced ???sea surf??? and not to be confused with cross-site scripting) is a simple yet invasive malicious exploit of a website. It involves a cyberattacker adding a button or link to a suspicious website that makes a request to another site you???re authenticated on. For ... Read More