Application Security

4 tips for those who want to invest in a career in Application Security

If you have become curious about the routine of an AppSec team and are considering this career, we have gathered 4 tips from Conviso specialists for those looking for a career in Application Security. 1 – Understand that AppSec goes far beyond Pentests. This tip came directly from our CEO, Wagner Elias. Application security is the name given to the process of building, launching and…
Read more

"Forgot your password?" - The problem with security questions

Why APIs can be a high risk for companies

Application Security

"Forgot your password?" - The problem with security questions

As developers, we have as focus to think about applications that are more and more secure, more and more efficient in keeping user data safe. After all, in these times of LGPD and GDPR, we have an obligation to think about security right from the start. The concern about application security in the early stages of development brings us a huge set of gains. As a complementary reading on this…
Read more

4 tips for those who want to invest in a career in Application Security

Why APIs can be a high risk for companies

Application SecurityTech

Why APIs can be a high risk for companies

When we look at the development world and its evolution in the last few years, we can say that one of the fields that had least followed the ending of barriers discourse was the one focused on API development. One of the interesting points regarding the APIs is that many developers, for not seeing the APIs as a web application, forget many of the security concepts and best practices built up to…
Read more

4 tips for those who want to invest in a career in Application Security

AppSec Flow Extension for Burp Suite

Application Security

The Application Security Market in Brazil

When Conviso was founded in 2008, secure software development was then a very undercovered topic. Back then, when the subject was software development, the focus was still on IT infrastructure. The Application Security market in Brazil was on its very, very early stages. It was the beginning of what we now know as cloud computing, in which the big cloud providers started to widely offer the…
Read more

4 tips for those who want to invest in a career in Application Security

"Forgot your password?" - The problem with security questions

Application Security

PFS - Perfect Forward Secrecy: what it is and why it matters

Before we start talking about Perfect Forward Secrecy (PFS), let’s understand a little bit about the context of how we got here. In the initial moments of using the Internet, in our communications between client and server there was little concern about maintaining security. This was not a focus at the time. Then, around 1994, a company called Netscape Communications Corporation…
Read more

4 tips for those who want to invest in a career in Application Security

"Forgot your password?" - The problem with security questions

Application Security

What is Application Security?

If you don’t work in tech or even if you’re not a tech enthusiast, you may be asking yourself: what exactly is application security? Application security is the name given to the process of building, launching and maintaining the applications secure – always through the best practices applied to development. You can also listen to the audio version of this article: This…
Read more

4 tips for those who want to invest in a career in Application Security

"Forgot your password?" - The problem with security questions

Application Security

Phishing scam using Conviso's name: don't fall for it!

In the past few days, a few customers have reported to us that they have been receiving phishing emails from scammers using Conviso’s name. In this type of fraud, the scammer tries to obtain a user’s personal and financial data, through the combined use of technical means and social engineering. From what we have seen, in this particular case, the scammers’ strategy is to try to…
Read more

4 tips for those who want to invest in a career in Application Security

"Forgot your password?" - The problem with security questions

Application Security

Webinar: PIX and the Secure Development

Much has been discussed about PIX, the new digital and instant Brazilian payment system developed by Banco Central (Bacen). However, have you ever stopped to think about the role of Secure Development within this new instant payment system? To address the topic, Conviso held a free webinar on the topic on October 29th. To avoid scams and fraud, how should fintechs and financial institutions…
Read more

4 tips for those who want to invest in a career in Application Security

"Forgot your password?" - The problem with security questions

Application Security

Which topics should an AppSec Training Contemplate?

The development market seems to be becoming more and more aware of the need for Application Security Training (AppSec). However, the market still looks for generic training, which often meet compliance issues, but do not add real value to development teams. Therefore, this article will present the characteristics and subjects for a good AppSec training. The Target Audience in AppSec…
Read more

4 tips for those who want to invest in a career in Application Security

"Forgot your password?" - The problem with security questions