Application Security

Code Review and Pentest, What they are and when to use them

It is still common in the market to find companies with some doubts when it comes to safe development. For example, what are the differences between code review and pentest. One of these doubts is related to the correct moment of some types of tests execution in the safe development process. Thinking about it, we will present some concepts and information that we hope will clarify these…
Read more

Phishing scam using Conviso's name: don't fall for it!

Webinar: PIX and the Secure Development

Application SecurityProduct

Integration with Jira and GitHub, a unified vision of vulnerabilities

During the development process it is showed the importance of having this service and integration tools so the process can flow in the most secure way. It is not different when we want our clients to go through the most secure development process, and one concern is the process of integration and the quantity of information generated by these tools. Many data, various tools One…
Read more

Phishing scam using Conviso's name: don't fall for it!

Webinar: PIX and the Secure Development

Application Security

Application Security Differences - web and mobile

With the market of mobile application development (the famous “mobile apps”) growing considerably, attacks on mobile applications have also started to receive more attention, as already explained in our article on the mobile security scenario in 2020. As a result, many developers and security experts are increasingly looking to learn about security within mobile applications.
Read more

Phishing scam using Conviso's name: don't fall for it!

Webinar: PIX and the Secure Development

Application Security

Structuring Governance with AppSec Flow

The AppSec market has had a high visibility in recent years. As a consequence, we have seen the emergence of new tools and platforms that seek to bring greater control to managers. However, we have also seen many platforms that are restructured and presented as a tool that delivers the most diverse solutions, in a generic way and without showing what basis of understanding their solutions are…
Read more

Phishing scam using Conviso's name: don't fall for it!

Webinar: PIX and the Secure Development

Application Security

The Importance of Metrics in Application Security

Peter Drucker once said, “That which is not measured, is not improved.” He’s right – what we can’t understand, we can’t improve or even know if it’s working or not. When we apply that same thought to the secure development processes, we realize that few companies really understand what’s going on in their process. At most, they have a sense of the…
Read more

Phishing scam using Conviso's name: don't fall for it!

Webinar: PIX and the Secure Development

Application Security

The importance of Communication in DevSecOps

The importance of Communication in DevSecOps Do you want to understand more about the importance of Communication in DevSecOps? Believe it: eliminate murmur between teams is important and may help to prevent risks to secure development. When thinking in DevSecOps, the first things that come to mind are Continuous Security, Secure Development and the Shift Left mode. After all…
Read more

Phishing scam using Conviso's name: don't fall for it!

Webinar: PIX and the Secure Development

Application Security

3 errors in the secure coding process

Vulnerabilities are the result of human error. Many don’t like it, but most web application security issues are the result of errors during the coding process. Therefore, if we think more clearly, the best approach to creating secure software is to do everything possible to avoid errors in the development process. When we talk about training on the most common mistakes made by…
Read more

Phishing scam using Conviso's name: don't fall for it!

Webinar: PIX and the Secure Development

Application Security

AppSec Failure: Authentication Breach

It is increasingly common to see that companies are projecting their solutions to web applications, transforming their business to be more digital and showing the importance of what is no longer a trend to become a market requirement. This is a great leap forward for everyone to have access to services and products that would often be difficult to find outside the Internet. However, we…
Read more

Phishing scam using Conviso's name: don't fall for it!

Webinar: PIX and the Secure Development

Application SecurityMobile

Mobile Security scenario in 2020

According to a survey conducted by FGV (a Brazilian institution) in 2019, today there are 235 million smartphones in Brazil. And if we count digital devices, in general, we reach the number of 420 million. The penetration power of mobile devices in people’s lives is unquestionable. But how is the mobile security scenario in 2020? Nowadays Smartphones represent 56% of Brazilians&#8217…
Read more

Phishing scam using Conviso's name: don't fall for it!

Webinar: PIX and the Secure Development