infrastructure as code

infrastructure as code secure code warrior secure coding cloud security appsec

Expert Interview: Infrastructure as Code with Oscar Quintas

10th September 2020

We’d like to shine the spotlight on one of our experts, Oscar Quintas. He’s part of our Product Content team, working as a Senior Security Researcher. He’s also our resident sorcerer on all things Infrastructure as Code (IaC).…

Matias Madou

infrastructure as code secure coding cloud security vulnerability devsecops appsec application security training secure code training

Death by Doki: A new Docker vulnerability with serious bite (and what you can do about it)

25th August 2020

Cyberattacks are only getting more frequent, and threats affecting Linux-based infrastructure are becoming more common, with the end goal being an opportunity to crack open a loot chest of sensitive data stored in the cloud.…

Matias Madou

infrastructure as code Coders Conquer Security developers developer training application security training appsec secure software development secure coding

Coders Conquer Security Infrastructure as Code Series - Business Logic

22nd June 2020

This vulnerability can occur when coders fail to properly implement business logic rules, which could leave their applications vulnerable to different kinds of attacks should a malicious user choose to exploit them.…

Matias Madou

infrastructure as code Coders Conquer Security application security appsec developer training secure software development secure coding secure coding techniques

Coders Conquer Security Infrastructure as Code Series - Using Components From Untrusted Sources

15th June 2020

The vulnerability-inducing behavior that we are going to focus on here is using code from untrusted sources, a seemingly benign practice that is causing big problems.…

Matias Madou

infrastructure as code Coders Conquer Security secure code secure coding application security application security training devsec devsecops

Coders Conquer Security Infrastructure as Code Series: Security Misconfiguration - Improper Permissions

8th June 2020

Security misconfigurations, especially those of the improper permissions variety, most often happen whenever a developer creates a new user or grants permission for an application as a tool in order to accomplish a task.…

Matias Madou

Tags

Coders Conquer Security Infrastructure as Code Series - Business Logic

Coders Conquer Security Infrastructure as Code Series - Using Components From Untrusted Sources

Coders Conquer Security Infrastructure as Code Series: Security Misconfiguration - Improper Permissions

Secure coding insights served fresh