Featured Blog Posts

Featured technical articles on my research work, popular DevSecOps tools, vulnerability management tips, and other security-related topics. For more, visit the blog.

Does DevSecOps Engineer need programming skills? What is the value of utilising Python for security purposes? What you need to learn to automate security at scale? This article will answer these questions.
March 27, 2024

Python for DevSecOps and Any Security Engineer

Screenshot Presenting CycloneDX JSON
March 7, 2024

A Practical Approach to SBOM in CI/CD Part I — CycloneDX

Presenting an introduction Static Application Security Testing with examples how SAST and secrets detection can be implemented in SDLC. This article covers what is SAST and its advantages. Furthermore, it describes how SAST can be included in various SDLC stages with real world examples.
February 20, 2024

Introduction to Security in SDLC with SAST for Developers and Security Engineers

A Practical Approach to SBOM

This article covers automated SBOM projects tracking with Dependency-Track. It presents how SBOM can be uploaded to Dependency-Track via API.
March 7, 2024

A Practical Approach to SBOM in CI/CD Part III — Tracking SBOMs with Dependency-Track

Dependency-Track
March 7, 2024

A Practical Approach to SBOM in CI/CD Part II — Deploying Dependency-Track

Screenshot Presenting CycloneDX JSON
March 7, 2024

A Practical Approach to SBOM in CI/CD Part I — CycloneDX

Web API Security Champion Series

Presenting an Unrestricted Resource Consumption vulnerability class using a password reset feature as an example.
June 17, 2024

Unrestricted Resource Consumption in a Password Reset — Web API Security Champion Part IV

Broken Object Property Level presented in a practical way with methods for identifying and preventing vulnerabilities based on OWASP.
May 26, 2024

Web API Security Champion Part III: Broken Object Property Level Authorization (OWASP TOP 10)

Explaining one of the most common web API vulnerability classes - Broken Authentication in a practical manner. Providing a case study example based on the Damn Vulnerable RESTaurant API, including methods for identifying and preventing these vulnerabilities.
May 6, 2024

Web API Security Champion Part II: Broken Authentication (OWASP TOP 10)

Subscribe To DevSec Selection

DevSec Selection is a bi-weekly Newsletter with the latest outstanding articles related with DevSecOps and application security.

We don’t share your personal information with anyone or company. Check out Privacy Policy for more information.

DevSec Selection articles are also available at DevSec Blog.

Get In Touch

You can reach me through LinkedIn, Twitter or Medium

LinkedIn

https://www.linkedin.com/in/krzysztof-pranczk/

X / Twitter

https://twitter.com/theownI7

Medium

https://medium.com/@theowni