Blog: Application Security

Application Security App Meta Security Information
May 7, 2020

When we implement security programs, we often advise clients to build an inventory of their applications. There are a lot of things we can do when we know what our inventory is. We can do this right in the available tools developers are already using. This post covers one way to do this. App Inventory […]

Application Security Security Culture - OWASP Juice Shop
April 9, 2020

In the latest video of our Security Culture series we talk about The OWASP Juice Shop. You can also listen in on our podcast. The OWASP Juice Shop is an amazing resource for both developers and folks working in application security (or those interested in learning application security!). It is easy to run. You can […]

Application Security Security Culture - Vulnerable Dependencies
March 12, 2020

In the latest video of our Security Culture series we talk about software dependencies. You can also listen in on our podcast. The Basic Problem When we build software, we use lots of libraries that we didn’t write. They could be open source, they could be commercial, they could even be framework code provided by […]

Application Security Clojure Security and Signal
November 27, 2019

As a developer-focused consultancy, we thrive in situations where we work in new languages or try new or different things related to building apps. So when we had a chance to do some deeper security work with Clojure and specifically with Pedestal apps, we jumped at the chance. In this post, we walk through […]

Application Security Sharing Files with S3 Safely
March 15, 2019

It seems to me like back in the day, all the companies we worked with shared files with FTP. Remember FTP? A surprising number of enterprise integration patterns depended on FTP and eventually SFTP. Nowadays, it seems like many companies have moved to Amazon S3 to share information. This post is about using S3 securely […]

Application Security What is an AppSec Program
January 23, 2019

Most companies that we work with are building software. That’s not a surprise because that’s our niche. Yet a surprising number of those companies don’t know about application security programs. Even companies with sophisticated security teams often struggle with application security and don’t take a programmatic approach to it. Why? Because it is really hard […]

Application Security Technology and Security: AI, Cloud, IoT
October 9, 2018

So … someone asked me the following question, so I figured I’d put my answer in a blog post. In what ways are evolving technology like cloud, AI, IoT affecting the cybersecurity landscape? What kind of cybersecurity threats and risks can they bring to the enterprise? As technology moves forward, it has huge implications on […]

Application Security Validating Search Engine Indexers
October 1, 2018

Not all bots are created equal. Some bots are good, some bots are bad, and some bots are not what they appear to be. This article will discuss an aspect of bots that attempt to exploit the sensitive nature of SEO optimization rules. Fundamentals We love search engines. If it weren’t for search engines most […]

Application Security The Cost of AppSec
May 30, 2018

Application security is a weird field. On the one hand, most practitioners know that it plays a critically important part in any organization's security posture. We see real issues all the time, problems that cause our customers real losses. On the other hand, as a wise security leader once said: By the time the AppSec […]

Application Security Product Security in Github Issues
May 4, 2018

As I've mentioned here in the past, we started working on a product in 2018 and we are getting really close to launching it more openly where people other than our initial (friendly) alpha customers can use it. The reaction has been awesome and we're encouraged. As I looked at our project, I realized we […]

© 2019-2022 Jemurai. All rights reserved.