Andrei Clear – WindowsTechs.com

any security baseline reference we can use? paid or free

Posted on January 9, 2023 by Andrei Clear

We are looking to provide our Devs and Ops with minimal security baseline requirements – reference materials that they should follow during coding/implementation/etc.
Maybe requirements based on NIST 800-53 – but NIST is too cumbersome – d… Continue reading any security baseline reference we can use? paid or free→

origin analysis / software composition analysis [closed]

Posted on April 16, 2020 by Andrei Clear

what are the best software to match against vulnerabilities in the 3rd party code that the software is using?

Continue reading origin analysis / software composition analysis [closed]→

What is the difference between "secure code review" and "secure static code analysis"?

Posted on April 13, 2020 by Andrei Clear

What are the subtle differences in both – as one could say that both are almost the same…

Static Code Analysis (also known as Source Code Analysis) is usually
performed as part of a Code Review (also known as white-box testing)
… Continue reading What is the difference between "secure code review" and "secure static code analysis"?→

what information security industry standards and government regulations relate to web pen testing? [closed]

Posted on April 11, 2020 by Andrei Clear

please share anything of relevance

thank you

https://en.wikipedia.org/wiki/Cybersecurity_standards

https://en.wikipedia.org/wiki/ISO/IEC_27001

https://en.wikipedia.org/wiki/General_Data_Protection_Regulation

The Security of Network &… Continue reading what information security industry standards and government regulations relate to web pen testing? [closed]→