One of the most components of the DevSecOps approach is security automation. To have this aspect in their DevOps environment companies should implement both a SAST and a DAST tool. Therefore, many people are asking is Netsparker a DAST? Netsparker is a DAST tool as it gives the development team ...
With the race to make software development even faster, companies start to adopt a new way technique based on using already developed code components. Unfortunately, this development technique comes with many security vulnerabilities that have made the software even less secure regardless of the enhancement the used development technology has ...
Vulnerability scanners are one of the best cyber security solutions that you can use to secure your network. However, one of the most known myths that I always hear about and I see people asking about it is Does vulnerability scanners discover all vulnerabilities? The vulnerability scanners available in the ...
When we speak about secure development and how we can speeds up the development process the first concept that gets into our head is the DevSecOps. More and more companies around the world have started to implement it because it has proved its effectiveness. Some companies have opted for a ...
Adopting and implementing the Devsecops principles in your development process is becoming more and more important to produce secure applications. Unfortunately, by searching this subject on Google you can’t find a step-by-step process that explains this in detail. Therefore, here are the steps to successfully start a Devsecops: Enhance security ...
One of the most confusing systems in the DevSecOps methodology is Dynamic application security testing (DAST). Many people I’ve met think are basically confused between DAST penetration testing and either a DAST tool can be part of the DevSecOps or not. Therefore, in this blog post, I am going to ...
In the last few years, I have worked with some companies in the market to implement security in their DevOps system, and it was really a good experience that let me understand what really works and what doesn’t in a DevSecOps environment. Here is a table that summaries the pros ...
For many years ago, cyber security was considered as a final product or job that you add when the application functionalities are correctly working. However, today the game has changed and it is becoming a part of the Development lifecycle. Now how many steps are there in a secure development ...
After years of doing penetration tests and working with many companies, I have started to notice that this question start to become more frequently asked especially from those with complex apps. Therefore, here is my response to the question Do I need to fix all the discovered vulnerabilities? Fixing a ...
Blockchain technology was indeed built with security in mind. This means that it is supposed to be very secure compared to other technologies. However, Blockchain technology suffers from some weaknesses that can be exploited to damage the system. So what are Blockchain attacks? Blockchain technology could be attacked at each [...]
