DevOps.com

Where the world meets DevOps

Tag: OWASP

dynamic

DevSecOps Implementation: Dynamic Scans

| | application vulnerabilities, devops implementation, devsecops, Dynamic Application Security Testing, OWASP
This is the third installment in this series on DevSecOps. Read the first installment, on static analysis, here and the second installment, on source composition analysis, here. One weakness of static analysis ...
source composition analysis

DevSecOps Implementation: Source Composition Analysis

| | application vulnerabilities, NVD, open source licensing, open source vulnerabilities, OWASP, Source Code Analysis
This is the second installment in this series on DevSecOps. Read the first installment, on Static Analysis, here. One of the better additions to security in recent years is source composition analysis ...
OWASP API Security

Breaking Down the OWASP API Security Top 10, Part 2

| | API, API security, database management systems, injection vulnerability, OWASP, personal identifiable information, SQL injection
Due to the widespread usage of APIs, and the fact that attackers realize APIs are a new attack frontier, the OWASP API Security Top 10 Project was launched. From the beginning, the ...
Breaking Down the OWASP API Security

Best of 2019: Breaking Down the OWASP API Security Top 10, Part 1

| | API, API security, authentication endpoints, OWASP, secure coding
As we close out 2019, we at DevOps.com wanted to highlight the five most popular articles of the year. Following is the fifth in our weeklong series of the Best of 2019 ...
DevOps and Security Shield Your Application

DevOps and Security: Be Ready to Shield Your Application

| | application security, CI/CD pipelines, devops tools, devsecops, Jenkins, OWASP, software security
All of us have heard of continuous improvement/continuous delivery (CI/CD). There are many benefits to implementing CI/CD, as it helps seamless integration from end to end for development and deployment processes. CI/CD ...

Protego Spearheads Launch of the OWASP Official Serverless Top 10 Project

| | application attacks, OWASP, Protego Labs, serverless
Report to Educate Application Security Practitioners on Serverless Application Risks and Mitigation Techniques  Baltimore, Maryland - The Open Web Application Security Project (OWASP) released today the official OWASP Serverless Top 10 project initiated ...