Skip to content

AppSec Observer: DevOps (5)

The latest trends and tips in DevSecOps through instrumentation and security observability. Learn about real-world insight and “in-the-trenches” experiences on topics ranging from application and information security to DevOps and risk management.

Subscribe Now
    Topics
    A New, Open Source Tool Proves: Even After Patching, Deserializing Will Still Kill You

    A New, Open Source Tool Proves: Even After Patching, Deserializing Will Still Kill You

    With all the talk about Java serialization vulnerabilities, I thought I'd share a new, open source tool I built for you..

    The Fast, Free, Fantastic Way to Find Cross-Site Scripting (XSS)

    The Fast, Free, Fantastic Way to Find Cross-Site Scripting (XSS)

    What Is XSS? Cross-site scripting (XSS) is really pretty simple. Any time untrusted data ends up an HTML page without..

    The 10 Most Important Security Controls Missing in JavaEE

    The 10 Most Important Security Controls Missing in JavaEE

    JavaEE has some excellent built-in security mechanisms, but they don’t come close to covering all the threats that your..

    Five Application Security New Year's Resolutions Every Developer Can Make

    Five Application Security New Year's Resolutions Every Developer Can Make

    New Year's Resolutions can be tricky, and advice abounds on how you can do a better job at keeping them. For the sake..

    Automating AppSec

    Automating AppSec

    As developers, we have tools that we use every day to make ourselves more efficient. We use tools like Maven for..

    Prev 1 2 3 4 5