Collaborate Disseminate
I developed the following C# algorithm to prevent XSS attacks:
private bool Is_There_XSS_Payload(string arg)
{
Regex regex = new Regex(@"^[a-zA-Z0-9]+$");
bool result = regex.IsMatch(arg);
return result;
… Continue reading XSS Payload That Can Bypass Special Character Check
With the persistence of security issues in software development, there is an urgent need for software development companies to prioritize security in the software development life cycle.
The post Best ways to incorporate security into the software deve… Continue reading Best ways to incorporate security into the software development life cycle
Company wants to start improving security. Test team uses OWASP Zap tool (GUI version) to scan the new version for vulnerabilities. That usually takes between half an hour to 90 minutes.
How to include the scan in a CI/CD in a way it is fa… Continue reading How to include OWASP Zap in CI/CD
We are currently looking for a suitable training format to train our web developers in security related topics and secure coding. There are quite a few different providers and courses online. It is difficult to find out which one is the ri… Continue reading Recommended security training for Web Developers [closed]
I’ve been looking at OWASP Application Security Verification Standard 4.0.2 for a while now, and I’m trying to understand all the checkpoints in detail.
I am not sure what exactly the author of a particular point meant. Therefore, I have a… Continue reading How to interpret "Verify the use of a secure software development lifecycle that addresses security in all stages of development"?
As part of our secure SDLC, we are delivering security as security requirements directly into the backlog of an application team. The security requirements will directly correlate to the functional features being delivered in the iteration… Continue reading Should we build a generic security unit test suite
This is an excerpt from Out of the Wild: A Beginner’s Guide to Package and Dependency Management, a Sonatype Guide. This is the final installment. (Read part one and part two.)
So, why do I need a Binary Repository Manager?
Binary repository manag… Continue reading Why Do I Need a Binary Repository Manager?
I’m an academic researcher working on a project regarding security in software development, specifically more agile, but from a social and behavioural perspective rather than technical.
I’m been sharing an online survey but … Continue reading What should academic researchers know about software security? [closed]
Businesses are looking to optimize and accelerate their SDLC, in order to improve their operational efficiency and gaining a competitive edge.
The post Agile Security Is Now A Reality appeared first on Radware Blog.
The post Agile Security Is Now A … Continue reading Agile Security Is Now A Reality
Is architecture an old-school thought in cybersecurity at a time when DevOps, SRE and agile development methodologies are pushing an organization through rapid transformation? A mandate to follow a standard architecture can slow down project delivery … Continue reading Building an Architecture for a Strong Cybersecurity Posture