Collaborate Disseminate
Image by S. Hermann & F. Richter from Pixabay
We covered several acronyms common in application security in a previous post: SAST, DAST, and SCA. We’ll continue our discussion on AppSec concepts today by focusing on IAST, IaC, and secrets.
Interact… Continue reading IAST, IaC, Secrets: A Guide to App Sec Tools
Scanning your code base frequently to discover security risk early in development gives engineers more time time to address issues. But security risk is a challenging issue and most developers need more than just time.
Consider:
Over 60% of identified… Continue reading Developer Education: Learning to Secure Code on Demand
We are pleased to announce that we have updated NG SAST to use the CPG deep analyzer for the analysis of Python applications!
Python applications and the vulnerabilities they contain
As of 2020, Python was the third most popular programming language i… Continue reading Static Analysis of Python Applications
Vue.js is a popular open-source JavaScript framework for building single-page applications and user interfaces. If you’re leveraging this lightweight framework for your apps, here are some security tips to keep in mind during and after development.
Fo… Continue reading AppSec Tips for Vue.js Users
Vue.js is a popular open-source JavaScript framework for building single-page applications and user interfaces. If you’re leveraging this lightweight framework for your apps, here are some security tips to keep in mind during and after development.
Fo… Continue reading AppSec Tips for Vue.js Users
Photo by Luis Gomes from Pexels
Do you know what dependencies your app is using? All of them? We recently wrote about managing npm dependencies, but Node.js developers aren’t the only ones who rely on third-party libraries, APIs, and more in their appl… Continue reading How to Start Tracking Your Application Dependencies
Part of the reason why Node.js is so appealing is that it allows for easy application extensibility; you focus on your core competencies, and if you need additional features or functionality, you can include them by adding dependencies.
There are mult… Continue reading Tips for Managing npm Dependencies
In this first part of a two-part post series, we’ll reconstruct a NoSQL injection and cover the basics of mitigating it. In the second part, we’ll look at Server-Side JavaScript and Blind Injection attacks against NoSQL databases.
If you&#… Continue reading Mitigating NoSQL Injection Attacks: Part 1