Articles

Stay informed on security insights and best practices from Snyk’s leading experts.

Showing 1 - 20 of 186 articles

Cloud Compliance Explained

What is cloud compliance, and how do you bring your cloud environment into compliance with different standards and controls whilst following best practices?

White box testing basics: Identifying security risks early in the SDLC

This article will help you to understand what white box testing is, the pros and cons, and techniques for white box testing.

Benefits of security analytics

Learn more about security analytics, a proactive security approach that detects advanced security threats with artificial intelligence and machine learning.

Software Security Explained

Learn more about software security, proper tools and processes to identify and remediate software bugs. Connection to application security, secure SDLC and more.

Understanding Security Automation

Learn more about security automation, a practical necessity for any successful software operation. Identify incoming cyberthreats and prioritize remediation actions.

Agile SDLC: Benefits and implementation

The Agile methodology relies on short, targeted tasks and frequent status check-ins with decision-makers to accelerate software projects.

Implementing Shift Left Security Effectively

Learn more about shift left security, the dangers of keeping security right, and some best practices and tools for getting started.

9 Password Storage Best Practices

Secure password storage is a challenge for every organization — whether a small startup or a major corporation.

Complete Guide to Application Security: Tools & Best Practice

Application Security is defined as the actions taken during the development lifecycle of an application to reduce vulnerabilities, improve security, and protect sensitive data.

Vulnerability Assessment: Tools and Steps to Improve Security Posture

Learn more about vulnerability assessment to stay secure and efficiently evaluate the state of security weaknesses and flaws in your systems and environments.

Vulnerability scanner: what is it and how does it work?

Learn more about vulnerability scanners, including the top 3 types and categories, how they work, and how to choose the right vulnerability scanning tool.

What is CI/CD? CI/CD pipeline and tools explained

Learn more about CI/CD (continuous integration and continuous delivery), the CI/CD pipeline, and framework. CI/CD as the foundation for DevSecOps.

Software Development Life Cycle (SDLC): Phases and Methodologies

Learn more about SDLC (Software Development Life Cycle) phases and methodologies that define the entire software development procedure step-by-step.

What is the MIT License?

Learn more about the MIT License - one of the simplest open source license agreements - and integrate license compliance into your existing workflows.

OpenCart Vulnerability Research (v4.0.2.3/3.0.3.9)

Discover the security vulnerabilities in OpenCart's admin and customer functionalities, including XSS, Zip Slip, and SQL Injection exploits. Learn how these flaws impact e-commerce systems and how attackers can exploit them for remote code execution.

Static code analysis explained & best tools

Learn how to use the best Static Code Analysis tools to prevent security incidents that often slip through the cracks in production.

Simple Doesn't Always Mean Secure: Avoid this Golang XSS Pattern

Cross-site scripting (XSS) attacks are a web vulnerability that allows attackers to inject malicious scripts into web pages. Learn how to prevent and fix XSS scripting in Golang.

SAST vs. DAST: what is the difference and how to combine the two?

Dynamic security testing (DAST) uses the opposite approach of SAST. Whereas SAST tools rely on white-box testing, DAST uses a black-box approach.

Guide to Software Composition Analysis: 5 key challenges of SCA

The code driving many—in fact, most—applications today includes open source components.

Apache License 2.0 Explained

Learn more about the Apache License 2.0 uses, benefits, and requirements for use in your open source projects while maintaining compliance.