Application Security

Vulnerability Management Process, what is it?

Here at Conviso we are always talking with our customers about the Vulnerability Management process, and we emphasize that this structure is extremely important when we talk about software security. However, we still find many managers and development professionals who understand vulnerability management as simply running a tool that will scan for vulnerabilities. Vulnerability Management…
Read more

4 tips for those who want to invest in a career in Application Security

"Forgot your password?" - The problem with security questions

Application Security

AppSecFlow - Vulnerability Management Process in a single Dashboard

The amount of information and data generated during the development process, or even when testing your systems is extremely important for good management performance. The lack or difficulty on finding information is, without a doubt, a point that takes as much for the vulnerability management process as for other secure development processes, a very big burden. It is not rare to find in…
Read more

4 tips for those who want to invest in a career in Application Security

"Forgot your password?" - The problem with security questions

Application Security

How vulnerability management works in AppSec Flow

A few years ago, the Conviso team realized that it needed to find a way to organize activities carried out with clients. It was necessary to put the analyses made in projects in order to centralize all the information and support a structured process of vulnerability management. So, in 2008 we created a first version of the product that is now called AppSec Flow. It was a platform focused on…
Read more

4 tips for those who want to invest in a career in Application Security

"Forgot your password?" - The problem with security questions

Application Security

SQL Injections are like digital cockroaches

Every 3 years we expect a new report generated by OWASP showing which vulnerabilities are most present on the Internet based on data from previous years. Two things are almost certain. The first is that to identify the 10 vulnerabilities we will have some very debatable points, as there is always a good discussion about which vulnerabilities should be added or removed. Second is that…
Read more

4 tips for those who want to invest in a career in Application Security

"Forgot your password?" - The problem with security questions

Application Security

AppSec Failure: Authentication Breach

It is increasingly common to see that companies are projecting their solutions to web applications, transforming their business to be more digital and showing the importance of what is no longer a trend to become a market requirement. This is a great leap forward for everyone to have access to services and products that would often be difficult to find outside the Internet. However, we…
Read more

4 tips for those who want to invest in a career in Application Security

"Forgot your password?" - The problem with security questions

Application Security

AppSec Flow: A complete DevSecOps platform

In our routine at Conviso, many new customers come to us with the same problem: they have already invested time and money in a number of cyber security tools, but still feel that they do not do the job completely. In some cases, the acquired tools require a usability that differs from an efficient development process. There are also those who report difficulties in maintaining a standard of…
Read more

4 tips for those who want to invest in a career in Application Security

"Forgot your password?" - The problem with security questions

Application SecurityProduct

Integration with Jira and GitHub, a unified vision of vulnerabilities

During the development process it is showed the importance of having this service and integration tools so the process can flow in the most secure way. It is not different when we want our clients to go through the most secure development process, and one concern is the process of integration and the quantity of information generated by these tools. Many data, various tools One…
Read more

4 tips for those who want to invest in a career in Application Security

"Forgot your password?" - The problem with security questions

Application SecurityProduct

Vulnerability Management - SAST & DAST Tools

At CONVISO we aim at quality and coding security. For this we look for better practices to complete all of our services with great effort. Therefore we defend that good testing, not only code review but also intrusion test, for instance, must have a direct participation of an expert analyst having a deep understand. This thought sometimes is misunderstood by clients and by the…
Read more

4 tips for those who want to invest in a career in Application Security

"Forgot your password?" - The problem with security questions

Application Security

The biggest challenges in AppSec

In our twelve years of experience, Conviso has been able to detect and help solve a number of application security challenges faced by our customers. That’s why we have decided to address in this article a list of those we meet very often when talking about secure development process. We are not going to deal at this time with issues such as vulnerability problems, scalability…
Read more

4 tips for those who want to invest in a career in Application Security

"Forgot your password?" - The problem with security questions