Open Source Under Attack
Aug 28, 2020 9:30:00 AM / by Leon O'Neill posted in SecurityManagement
Sonatype's annual research “2020 State of the Software Supply Chain” uncovers lots of great insights into the open source world. Open source is such a huge part of modern development that the headline stat of a 430% year-on-year increase in attacks targeting open source projects should be a wake-up call for all developers.
Microservice Security - What you need to know
Aug 14, 2020 1:46:19 PM / by Hitesh Raja posted in SecurityManagement
A microservice architecture, often referred to simply as microservices, is a set of services that are grouped in order to implement an application. Lately, development teams prefer microservices, as this architecture facilitates continuous delivery for large applications, adapts easily to the organisation’s needs as its technology evolves, and scales up with very minimal effort.
Cyber Security Basics Checklist - 10 steps for beginning your strategy
Aug 3, 2020 8:30:00 AM / by Leon O'Neill posted in SecurityManagement, Cybersecurity
In light of some recent high-profile attacks, we wanted to share some basic cyber security tips for businesses of all sizes and provide a simple checklist so that you can audit your company’s cyber security strategy.
The ongoing changes of browser support for TLS 1.0 & 1.1
Apr 22, 2020 9:45:00 AM / by Janosch Maier posted in WebApplicationSecurity, SecurityManagement, VulnerabilityAssessment, Cybersecurity
TLS 1.0 and 1.1 have been around for quite some time. TLS 1.0 was released in 1999, TLS 1.1 in 2006. Neither should be used anymore!
There are well-known attacks against those versions, such as padding oracle attacks or BEAST. That is why Crashtest Security shows TLS 1.0 & 1.1 as critical vulnerabilities.
This article shows general industry guidelines, the usage of the protocol versions, and how different browser vendors are handling the deprecation of TLS 1.0 and TLS 1.1. We also help you to remediate a website or application that still uses TLS 1.0 or 1.1.
How to choose and implement a great vulnerability assessment tool
Feb 18, 2019 6:41:00 PM / by Leonard Basse posted in SecurityManagement
… the project of web application security will never be truly finished!
The sheer range of solutions when it comes to web application security can be intimidating for CISOs, Development Managers or basically anyone dealing with vulnerable web applications.
How you can generate a positive ROI through web application security
Jan 28, 2019 8:55:00 AM / by Leonard Basse posted in SecurityManagement
The fact that cyber crime is a serious threat and is becoming more and more costly and dangerous for companies is widely known by now. Most companies know that cyber security is an issue; however, the annual revenue of cyber crime still exceeds the investments in cyber security.
How all organisations can learn from the hacking attack on politicians & public figures
Jan 15, 2019 8:38:00 AM / by Leonard Basse posted in SecurityManagement
Politicians seem to enjoy the new ways of communication they can have through the internet. Communication is no longer a one-way street from politicians to the public but more of a town hall meeting where everyone is invited to share their opinion. Of course this is mostly good, but this virtual proximity doesn’t come without downside risk.
The 5 Stages of a Data Breach
Nov 13, 2018 11:11:00 AM / by Leonard Basse posted in SecurityManagement
According to the 2018 Global Risk Report the World Economic Forum released this year, cyberattacks are amongst the Top 5 Risks for Global Stability in terms of Likelihood and Impact. A data breach caused by a cyber attack can indeed have an incredible impact on any country, corporation or business owner.
The 6 most important web vulnerabilities that managers need to take care of
Sep 28, 2018 11:04:00 AM / by Leonard Basse posted in SecurityManagement
The world of IT security can get confusing with all the different vulnerabilities, exploits and newly emerging trends. In this article we summarise and briefly explain the top 6 most important web vulnerabilities that managers need to be aware of and tackle on a constant basis.
Digitalisation in Germany — Is there still hope?
Apr 11, 2018 8:18:00 AM / by Felix Brombacher posted in SecurityManagement