I’m a Security Engineer and a Software Developer with a real passion for cybersecurity, especially Product and Application Security. I have worked on both the defensive and offensive sides of cybersecurity. As a Security Consultant, I performed hundreds of offensive security assessments against web and mobile applications. As a Security Engineer, I developed a number of dedicated solutions to secure applications within CI/CD pipelines.

I’m more than happy to share my knowledge and experience with security enthusiasts, engineers, software developers and anyone willing to learn.

Krzysztof Pranczk

Writer for DevSec Blog
Security Engineer

Latest Blog Posts

On the blog, I share technical articles about my research work, popular tools for DevSecOps, vulnerability management tips and many other security-related topics.

Web API Security Champion Part II: Broken Authentication (OWASP TOP 10)

Explaining one of the most common web API vulnerability classes - Broken Authentication in a practical manner. Providing a case study example based on the Damn Vulnerable RESTaurant API, including methods for identifying and preventing these vulnerabilities.

Comparing DefectDojo Pro and OWASP Edition for DevSecOps

A review of DefectDojo Pro — a paid version of a well-known vulnerability management solution: Does DefectDojo Pro address all the pain points of DefectDojo OWASP Edition?

Vulnerability Management with DefectDojo — is it great for DevSecOps?

Presenting the capabilities of DefectDojo in the context of Vulnerability Management for DevSecOps and traditional application security engineers.

Subscribe To DevSec Selection

DevSec Selection is a bi-weekly newsletter with the latest outstanding articles related to DevSecOps and application security.

We don’t share your personal information with any person or company. Check out the Privacy Policy for more information.

DevSec Selection articles are also available at DevSec Blog.

Get In Touch

You can reach me through LinkedIn, Twitter or Medium.