DevOps.com

  • Latest
    • Articles
    • Features
    • Most Read
    • News
    • News Releases
  • Topics
    • AI
    • Continuous Delivery
    • Continuous Testing
    • Cloud
    • Culture
    • DevSecOps
    • Enterprise DevOps
    • Leadership Suite
    • DevOps Practice
    • ROELBOB
    • DevOps Toolbox
    • IT as Code
  • Videos/Podcasts
    • DevOps Chats
    • DevOps Unbound
  • Webinars
    • Upcoming
    • On-Demand Webinars
  • Library
  • Events
    • Upcoming Events
    • On-Demand Events
  • Sponsored Communities
    • AWS Community Hub
    • CloudBees
    • IT as Code
    • Rocket on DevOps.com
    • Traceable on DevOps.com
    • Quali on DevOps.com
  • Related Sites
    • Techstrong Group
    • Container Journal
    • Security Boulevard
    • Techstrong Research
    • DevOps Chat
    • DevOps Dozen
    • DevOps TV
    • Digital Anarchist
  • Media Kit
  • About
  • AI
  • Cloud
  • Continuous Delivery
  • Continuous Testing
  • DevSecOps
  • DevOps Onramp
  • Practices
  • ROELBOB
  • Low-Code/No-Code
  • IT as Code
  • More
    • Application Performance Management/Monitoring
    • Culture
    • Enterprise DevOps

Tag: OWASP

OWASP DevSecOps vulnerabilities security Pulumi DevSecOps Analyzing Code for Security Vulnerabilities

The Everything-As-Code Revolution and the OWASP Top 10

Aakash Shah | August 4, 2022 | application development, as-code, devsecops, OWASP
After years of stagnation, the Open Web Application Security Project (OWASP) Top 10 list finally saw some shakeup. Most notably, insecure design debuted on the list as the number four security risk ...
OWASP

What the New OWASP Top 10 Changes Mean to Devs

Pankaj Gupta | June 23, 2022 | application security, AppSEcurity, devops, log4j, OWASP, security, ShiftLeft, SSRF, WAF
The open web application security project (OWASP) recently updated its top 10 list of the most critical security risks to web applications after four years. It represents the most radical shake-up since ...
OWASP

What Is OWASP?

Mitch Ashley | January 11, 2021 | OWASP, OWASP static code analysis, OWASP Top 10, perforce, what is OWASP
With cybersecurity attacks rising, it is important for you to enforce secure software best practices, like OWASP and the OWASP Top 10. OWASP helps you to safeguard your code against software security ...
CodeLogic scanning Contrast Security secrets scan dynamic

DevSecOps Implementation: Dynamic Scans

Don Macvittie | November 30, 2020 | application vulnerabilities, devops implementation, devsecops, Dynamic Application Security Testing, OWASP
This is the third installment in this series on DevSecOps. Read the first installment, on static analysis, here and the second installment, on source composition analysis, here. One weakness of static analysis ...
source composition analysis

DevSecOps Implementation: Source Composition Analysis

Don Macvittie | November 16, 2020 | application vulnerabilities, NVD, open source licensing, open source vulnerabilities, OWASP, Source Code Analysis
This is the second installment in this series on DevSecOps. Read the first installment, on Static Analysis, here. One of the better additions to security in recent years is source composition analysis ...
OWASP API Security

Breaking Down the OWASP API Security Top 10, Part 2

Erez Yalon | January 3, 2020 | API, API security, database management systems, injection vulnerability, OWASP, personal identifiable information, SQL injection
Due to the widespread usage of APIs, and the fact that attackers realize APIs are a new attack frontier, the OWASP API Security Top 10 Project was launched. From the beginning, the ...
Breaking Down the OWASP API Security

Best of 2019: Breaking Down the OWASP API Security Top 10, Part 1

Erez Yalon | January 1, 2020 | API, API security, authentication endpoints, OWASP, secure coding
As we close out 2019, we at DevOps.com wanted to highlight the five most popular articles of the year. Following is the fifth in our weeklong series of the Best of 2019 ...
DevOps and Security Shield Your Application

DevOps and Security: Be Ready to Shield Your Application

Debarghya Pandit | April 16, 2019 | application security, CI/CD pipelines, devops tools, devsecops, Jenkins, OWASP, software security
All of us have heard of continuous improvement/continuous delivery (CI/CD). There are many benefits to implementing CI/CD, as it helps seamless integration from end to end for development and deployment processes. CI/CD ...

Protego Spearheads Launch of the OWASP Official Serverless Top 10 Project

DevOps.com | November 19, 2018 | application attacks, OWASP, Protego Labs, serverless
Report to Educate Application Security Practitioners on Serverless Application Risks and Mitigation Techniques  Baltimore, Maryland - The Open Web Application Security Project (OWASP) released today the official OWASP Serverless Top 10 project initiated ...

TechStrong TV – Live

Click full-screen to enable volume control
Watch latest episodes and shows

Upcoming Webinars

The State of SRE
Monday, August 8, 2022 - 1:00 pm EDT
DevOps Institute's 2022 Global SRE Pulse Survey
Tuesday, August 9, 2022 - 11:00 am EDT
VSM, an Ideal Framework for Continuous Security Dashboards
Wednesday, August 10, 2022 - 11:00 am EDT

Latest from DevOps.com

Putting the Security Into DevSecOps
August 5, 2022 | Ross Moore
Recession! DevOps Hiring Freeze | Data Centers Suck (Power) | Intel to ‘be’ Wi-Fi 7
August 4, 2022 | Richi Jennings
Orgs Struggle to Get App Modernization Right
August 4, 2022 | Mike Vizard
GitHub Adds Tools to Simplify Management of Software Development
August 4, 2022 | Mike Vizard
The Everything-As-Code Revolution and the OWASP Top 10
August 4, 2022 | Aakash Shah

Get The Top Stories of the Week

  • View DevOps.com Privacy Policy
  • This field is for validation purposes and should be left unchanged.

Download Free eBook

The Automated Enterprise
The Automated Enterprise

Most Read on DevOps.com

API Gateway Vs. Service Mesh: What’s the Difference?
August 1, 2022 | Grace Lau
A Guide to Cloud Migration Trends and Strategies
August 1, 2022 | Ganesh Datta
Recession! DevOps Hiring Freeze | Data Centers Suck (Power) ...
August 4, 2022 | Richi Jennings
Developer-led Landscape & 2022 Outlook
August 3, 2022 | Alan Shimel
Three Key Steps To Going Multi-Cloud
August 2, 2022 | Aran Khanna

On-Demand Webinars

DevOps.com Webinar ReplaysDevOps.com Webinar Replays
  • Home
  • About DevOps.com
  • Meet our Authors
  • Write for DevOps.com
  • Media Kit
  • Sponsor Info
  • Copyright
  • TOS
  • Privacy Policy

Powered by Techstrong Group, Inc.

© 2022 ·Techstrong Group, Inc.All rights reserved.