Best Practices in Dependency Management: Cooking a Meal of Gourmet Code

5 minute read time

Close to 85% of every application is open source software. Better understanding your software supply chain starts with understanding dependency management.

SCA and SAST: What Do They Do and How Can They Help Developers Like You?

By Theresa Mammarella on January 03, 2023 AppSec

5 minute read time

SCA and SAST tools help DevSecOps teams and application developers work together to identify vulnerabilities and improve security.

What do Log4Shell and a Global Pandemic Have in Common?

By Theresa Mammarella on November 15, 2022 AppSec

4 minute read time

A look at development through the lens of weddings, including long-term planning, contingencies, and disasters. A video talk from this year's DEVOXX.

Breaking Organizational Silos for Better Application Security

By Phil Vuollet on July 08, 2021 AppSec

3 minute read time

Security depends on collaboration and communication. Our recent Elevate talk breaks down pillars, structure, and suggestions for organizational silos.

Compliance as Code

By Pachi Carlson on July 06, 2020 Compliance

4 minute read time

Compliance is a growing consideration for application security and must be managed.

OWASP Top 10 Overview

By Erik Dietrich on June 22, 2020 OWASP

4 minute read time

Caroline Wong is a Chief Strategy Officer who teaches the OWASP Top 10. She uses memorable analogies to explain all ten.

ZeroTrustOps: Securing at Scale

By Sylvia Fronczak on June 19, 2020 AppSec

5 minute read time

With zero trust, you assume everything on the network is unsafe. You have to check trust explicitly. This stance improves security throughout the SDLC.

Workflow Automation: Publishing Artifacts to Nexus Repository using Jenkins Pipelines

By Dmitriy Akulov on June 12, 2020 AppSec

8 minute read time

Use Nexus Repo to create an automated workflow to build, store, organize, and monitor the compiled Maven artifacts through a CI server.

Can Kubernetes Keep a Secret?

By Daniel Longest on June 10, 2020 AppSec

3 minute read time

Kubernetes Secrets store usernames and passwords as base64-encoded strings. They are obscured from casual browsing, but this is the same as plaintext.