Application Security

Code Review & SAST - What's the Difference

After all, what is the difference between Secure Code Review and SAST? This is the first of two articles, where the approach is on why these two testshave constantly debates and discussion on their differences. In this first article, we will start by talking about automated analysis tools then we move on to Secure Code Review tools. The objective here is to present in a broad…
Read more

4 tips for those who want to invest in a career in Application Security

"Forgot your password?" - The problem with security questions


Conviso acquired

The technology developed by Gauntlet will be incorporated to the AppSec Flow, expanding the services spectrum in AppSec Conviso proudly announces the acquisition of Security, an application security testing company, whose technology is to complement the Continuous Application Security portfolio by Conviso. The approach for this acquisition is technical, since Gauntlet´s…
Read more

WildFly 8 (JBossAS) Application Directory Traversal Vulnerability - CVE-2014-7816

ekoparty 2013 - Wrap Up of 1st Day