infrastructure as code

infrastructure as code Coders Conquer Security developers developer training application security training appsec secure software development secure coding

Coders Conquer Security Infrastructure as Code Series - Business Logic

22nd June 2020

This vulnerability can occur when coders fail to properly implement business logic rules, which could leave their applications vulnerable to different kinds of attacks should a malicious user choose to exploit them.…

Matias Madou

infrastructure as code Coders Conquer Security application security appsec developer training secure software development secure coding secure coding techniques

Coders Conquer Security Infrastructure as Code Series - Using Components From Untrusted Sources

15th June 2020

The vulnerability-inducing behavior that we are going to focus on here is using code from untrusted sources, a seemingly benign practice that is causing big problems.…

Matias Madou

infrastructure as code Coders Conquer Security secure code secure coding application security application security training devsec devsecops

Coders Conquer Security Infrastructure as Code Series: Security Misconfiguration - Improper Permissions

8th June 2020

Security misconfigurations, especially those of the improper permissions variety, most often happen whenever a developer creates a new user or grants permission for an application as a tool in order to accomplish a task.…

Matias Madou

infrastructure as code Coders Conquer Security secure code secure coding application security application security training devsec devsecops ITLP

Coders Conquer Security Infrastructure as Code Series: Insufficient Transport Layer Protection

1st June 2020

At times, applications will also share data with other programs as part of an overall workload. Unless the transport layer is protected, it makes it vulnerable to both outside snooping and unauthorized internal viewing.…

Matias Madou

infrastructure as code developer training application security training secure code secure coding techniques appsec devsecops Coders Conquer Security

Coders Conquer Security Infrastructure as Code Series: Insecure Cryptography

25th May 2020

These days, having critical data like passwords, personal information and financial records hashed while at rest is a cornerstone of any cybersecurity defense.…

Matias Madou

Tags

Coders Conquer Security Infrastructure as Code Series - Business Logic

Coders Conquer Security Infrastructure as Code Series - Using Components From Untrusted Sources

Coders Conquer Security Infrastructure as Code Series: Security Misconfiguration - Improper Permissions

Coders Conquer Security Infrastructure as Code Series: Insufficient Transport Layer Protection

Coders Conquer Security Infrastructure as Code Series: Insecure Cryptography

Secure coding insights served fresh