Python Security: Safeguarding our Code

Malicious Python security packages on PyPI and GitHub are the snake in the grass for security teams and developers. The Rise of Python Security Exploits. The Python Package Index (PyPI) and GitHub ...

Accurate, Useful Risk Scoring Demands Business Risk Observability

Delivering exceptional, secure application experiences means application development and security teams need visibility into the entire IT estate and ruthless prioritization. Detecting vulnerabilities is not enough. They need to see which vulnerabilities ...
Security Boulevard

What Is GitOps and How Will it Impact Digital Forensics?

GitOps is arguably the hottest trend in software development today. It is a new work model that is widely adopted due to its simplicity and the strong benefits it provides for development ...
Malware Evolves to Present New Threats to Developers

Malware, or code written for malicious purposes, is evolving. Software developers face new threats from malicious code as their tools and processes have proven to be an effective and ...
Apollo 2.0 — New Year, New Features

Introduction: At the beginning of 2020, I took my first real foray into programming. Inspired by Cody Thomas’s Mythic, I undertook to, what was unbeknownst to me at the time, ...
API Security 101: Broken Object Level Authorization

An API Objects Free-For-All. I got really into studying API security recently. While working on the first draft of my book, my technical editor, Aaron Guzman, pointed out that my ...
Let’s build an app

Application Security for builders and creators

Meet Alice and Bob. Alice and Bob work for an exciting data analytics startup that is disrupting the healthcare tech space. You might have heard their names as they are well known in the ...

Everything You Need to Know About CI/CD and Security

CI/CD is a recommended technique for DevOps teams and a best practice in agile methodology. CI/CD is a method for consistently delivering apps to clients by automating the app development phases. Continuous ...
A Month of Reckoning for SaaS software creators and consumers

An illustration of transitive and deeply connected software supply chains. The U.S. was caught off guard by foreign interference in the 2016 election. Given the powerful role of social media in political contests, understanding ...
SUNBURST SolarWinds BackDoor : Crime Scene Forensics Part 2 (continued)

First, let me be clear that I have no insider knowledge. This is my best guess at what occurred, based on publicly available information. If ...