Introduction to a security code challenge dedicated to developers and ethical hackers. This challenge focuses on identifying and fixing web API security vulnerabilities in a Python FastAPI-based restaurant API.
DevSecOps, Application Security technical articles and learning materials from experienced security engineers
Intro: Hi! The first edition of email-based DevSec Selection articles is here! This is actually the fourth iteration of the series, with previous editions published via LinkedIn. I hope you will enjoy this new format, with articles and their short summaries. I’m more than happy to get some feedback from you. Additionally, I plan to launch an…
At the beginning of 2023 Google released an open-source Software Composition Analysis tool — osv-scanner. In this article I'm presenting how it can be configured and utilised using popular open-source projects as examples.
Does a DevSecOps engineer need programming skills? What is the value of using Python for security purposes? What do you need to learn to automate security at scale? This article answers these questions.
This article presents mechanisms and ideas for detecting malicious applications installed on Android devices that abuse the AccessibilityService feature. It focuses on identifying these applications from the perspective of legitimate apps.
This article covers automated SBOM project tracking with Dependency-Track. It presents how an SBOM can be uploaded to Dependency-Track via the API.
The guide presents how to deploy Dependency-Track with Docker Compose and Helm Charts in Kubernetes. It provides a review of Dependency-Track.
In this article, I’m presenting practical use cases for implementing SBOM generation and its benefits. The article covers the concept of SBOM, its advantages, popular formats and practical implementations for both Java and Python projects.
An introduction to Static Application Security Testing, with examples of how SAST and secrets detection can be implemented in the SDLC. This article covers what SAST is and its advantages. Furthermore, it describes how SAST can be included in various SDLC stages, with real-world examples.