How to Get Instant Java Web Security Vulnerability Alerts in GitHub

If you're building Java web applications or Java web APIs and want to do your own security testing, wouldn't you rather not run a scanner and then wait forever for a PDF report full of false positives? And wouldn't it be better if the vulnerabilities it finds showed up automatically as GitHub Issues?

We're going to set up automatic security testing using a tool called Contrast Community Edition (CE), which uses IAST (Interactive Application Security Testing). With IAST, an agent instruments the running application and reports a vulnerability when it observes untrusted input reach a dangerous sink while you exercise the app, so each finding comes with the actual data flow rather than a pattern match. My company made CE free and full-strength for everyone in order to bring strong security testing to all the developers in the world who can't afford commercial static and dynamic scanners.

DevSecOps, SecDevOps, or RainbowMonkeyUnicornPony? [Interview with DJ Schleen]

While DevOps is forging boldly into the future, security is still trailing those advances in many organizations. So it’s important that we understand how to apply notions of (traditionally static) security into environments that are built to foster continuous development. I, for one, would like to raise the torch to the fledgling category of DevSecOps and learn how it is successfully implemented by industry leaders. In the first of a series of interviews with DevSecOps community leaders, I chat with DJ Schleen, DevSecOps Advocate at Sonatype.

Helen: I think that the market is light on shared DevSecOps reference architectures to help the community learn and grow. Do you agree and what can we do about it?

DJ: There are a lot of missing pieces out there and I think it's because nobody really knows where to go with it. If you do a search for DevSecOps reference architectures, you're going to see that infinity logo with a bunch of locks around it which doesn't really tell you much. I’ve created this one, but the community does need to share. I think it's because people don't really know which community they're part of; are they part of Secure DevOps, SecDevOps, OpsSecDev? I think there's confusion. So you might see some security reference architectures, but I don't know if they're really taking into consideration flow across the whole technology value stream.