Fosstodon

Jakub WołynkoHi there,If you will be able to use any tech stack for <a href="https://mastodon.social/tags/cicd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cicd</a> what you will use? I’m especially interested in <a href="https://mastodon.social/tags/dast" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#dast</a> part, for static part <a href="https://mastodon.social/tags/trivy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#trivy</a> and <a href="https://mastodon.social/tags/checkov" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#checkov</a> seems to be solid partners, but for dynamic scans I’m still searching…<a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a>

kingthorin_rmThe <a href="https://infosec.exchange/@zaproxy" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@zaproxy</a> team did some stuff in March 😎 You can get the details here:<a href="https://www.zaproxy.org/blog/2025-04-02-zap-updates-march-2025/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.zaproxy.org/blog/2025-04-02-zap-updates-march-2025/</a><a href="https://infosec.exchange/tags/DAST" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DAST</a> <a href="https://infosec.exchange/tags/AppSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AppSec</a> <a href="https://infosec.exchange/tags/WebAppSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WebAppSec</a> <a href="https://infosec.exchange/tags/DevSecOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DevSecOps</a>

kingthorin_rmGiant set of <a href="https://infosec.exchange/tags/zaproxy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#zaproxy</a> add-on releases this morning. Including many fixes and improvements.<a href="https://infosec.exchange/tags/DAST" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DAST</a> <a href="https://infosec.exchange/tags/AppSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AppSec</a> <a href="https://infosec.exchange/tags/DevSecOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DevSecOps</a> <a href="https://infosec.exchange/tags/WebAppSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WebAppSec</a> <a href="https://infosec.exchange/tags/RedTeam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RedTeam</a> <a href="https://infosec.exchange/tags/WebAppSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WebAppSec</a>

kingthorin_rmAccording to my VM update this morning <a href="https://infosec.exchange/@zaproxy" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@zaproxy</a> 2.16.0 is now available on <a href="https://infosec.exchange/@kalilinux" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@kalilinux</a> <a href="https://infosec.exchange/tags/DAST" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DAST</a> <a href="https://infosec.exchange/tags/PenTest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PenTest</a> <a href="https://infosec.exchange/tags/WebAppSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WebAppSec</a> <a href="https://infosec.exchange/tags/AppSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AppSec</a> <a href="https://infosec.exchange/tags/RedTeam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RedTeam</a> <a href="https://infosec.exchange/tags/PurpleTeam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PurpleTeam</a>

TechSplicer🛡️ Security Scanner for Web Applications 🔒 Privacy-First Security Analysis 👩‍💻 Built by Developers, for Developers Try it now: <a href="https://webscan.dev" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://webscan.dev</a><a href="https://mastodon.social/tags/SecurityTools" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityTools</a> <a href="https://mastodon.social/tags/WebSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WebSec</a> <a href="https://mastodon.social/tags/DAST" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DAST</a>

HabrБазовая настройка SAST и DAST для django в gitlab cicd: как быстро внедрить решения по безопасностиПривет, меня зовут Егор и я Tech Lead в компании ИдаПроджект :) Занимаюсь стратегией, процессами и командами в направлении backend разработки. Сегодня расскажу вам о базовой настройке SAST и DAST для django в gitlab cicd. В разработке использование SAST (Static Application Security Testing) и DAST (Dynamic Application Security Testing) в последние годы стало уже стандартом. На эту тему есть уже довольно много материала на habr, но я хочу сконцентрироваться на быстром и базовом внедрении решения по безопасности в следующий стек технологий: Infrastructure: Docker, Docker Compose, GitLab, GitLab CI/CD Backend: Python, Django с использованием Poetry Frontend: Vue.js, Nuxt.js Погнали!<a href="https://habr.com/ru/companies/idaproject/articles/868060/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://habr.com/ru/companies/idaproject/articles/868060/</a><a href="https://zhub.link/tags/sast" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#sast</a> <a href="https://zhub.link/tags/dast" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#dast</a> <a href="https://zhub.link/tags/django" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#django</a> <a href="https://zhub.link/tags/gitlab" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#gitlab</a>

HabrСмешивать, но не взбалтывать. Как мы добавили Sec между Dev и OpsПривет, Хабр! Меня зовут Натали Дуботолкова, я старший инженер по разработке безопасного программного обеспечения в Basis. Хочу рассказать о том, как мы задумались над интеграцией работы безопасников непосредственно в процесс разработки и к чему это привело, а также о том, какие методы и инструменты использовали в ходе интеграции и используем сейчас.<a href="https://habr.com/ru/companies/basis/articles/869648/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://habr.com/ru/companies/basis/articles/869648/</a><a href="https://zhub.link/tags/devops" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#devops</a> <a href="https://zhub.link/tags/devsecops" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#devsecops</a> <a href="https://zhub.link/tags/%D0%BF%D0%BE%D0%B8%D1%81%D0%BA_%D1%83%D1%8F%D0%B7%D0%B2%D0%B8%D0%BC%D0%BE%D1%81%D1%82%D0%B5%D0%B9" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#поиск_уязвимостей</a> <a href="https://zhub.link/tags/%D0%B1%D0%B5%D0%B7%D0%BE%D0%BF%D0%B0%D1%81%D0%BD%D0%B0%D1%8F_%D1%80%D0%B0%D0%B7%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BA%D0%B0" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#безопасная_разработка</a> <a href="https://zhub.link/tags/%D0%B8%D0%BD%D1%81%D1%82%D1%80%D1%83%D0%BC%D0%B5%D0%BD%D1%82%D1%8B_%D1%82%D0%B5%D1%81%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#инструменты_тестирования</a> <a href="https://zhub.link/tags/sast" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#sast</a> <a href="https://zhub.link/tags/dast" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#dast</a> <a href="https://zhub.link/tags/fuzzing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#fuzzing</a> <a href="https://zhub.link/tags/%D0%BA%D0%BE%D0%BD%D1%82%D0%B5%D0%B9%D0%BD%D0%B5%D1%80%D1%8B" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#контейнеры</a>

kingthorin_rm<a href="https://infosec.exchange/tags/WebAppSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WebAppSec</a> <a href="https://infosec.exchange/tags/AppSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AppSec</a> <a href="https://infosec.exchange/tags/DAST" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DAST</a> <a href="https://infosec.exchange/tags/PenTest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PenTest</a> <a href="https://infosec.exchange/tags/PurpleTeam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PurpleTeam</a> <a href="https://infosec.exchange/tags/DevSecOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DevSecOps</a> <a href="https://infosec.exchange/tags/zaproxy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#zaproxy</a>

kingthorin_rm<a href="https://www.zaproxy.org/blog/2024-11-11-powering-up-dast-with-zap-and-noir/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.zaproxy.org/blog/2024-11-11-powering-up-dast-with-zap-and-noir/</a><a href="https://infosec.exchange/tags/DAST" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DAST</a> <a href="https://infosec.exchange/tags/zaproxy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#zaproxy</a>

ZAPWe have restarted the ZAP monthly blog posts: <a href="https://www.zaproxy.org/blog/2024-11-01-zap-updates-october-2024/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.zaproxy.org/blog/2024-11-01-zap-updates-october-2024/</a> <a href="https://infosec.exchange/tags/zaproxy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#zaproxy</a> <a href="https://infosec.exchange/tags/appsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#appsec</a> <a href="https://infosec.exchange/tags/dast" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#dast</a>

kingthorin_rmGet the latest on <a href="https://infosec.exchange/@zaproxy" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@zaproxy</a>'s future from <a href="https://infosec.exchange/@psiinon" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@psiinon</a> & Ori Bendet via <a href="https://bird.makeup/users/scmagazine" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@scmagazine</a> and Application Security Weekly podcast <a href="https://infosec.exchange/tags/AppSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AppSec</a> <a href="https://infosec.exchange/tags/WebAppSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WebAppSec</a> <a href="https://infosec.exchange/tags/DAST" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DAST</a> <a href="https://infosec.exchange/tags/PenTesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PenTesting</a> <a href="https://infosec.exchange/tags/DevSecOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DevSecOps</a> <a href="https://infosec.exchange/tags/RedTeam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RedTeam</a><a href="https://www.scworld.com/podcast-segment/13268-the-future-of-zed-attack-proxy-simon-bennetts-ori-bendet-asw-302" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.scworld.com/podcast-segment/13268-the-future-of-zed-attack-proxy-simon-bennetts-ori-bendet-asw-302</a>

HabrВнедряем DevSecOps в процесс разработки. Часть 4. Этап Test-time Checks, обзор инструментовПривет! На связи Олег Казаков из Spectr . В предыдущей части статьи я рассказал о контроле безопасности артефактов сборки в процессе проверки на безопасность. Сегодня поговорим о следующем этапе DevSecOps — Test-time Checks. Узнать больше про DevSecOps<a href="https://habr.com/ru/companies/spectr/articles/836004/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://habr.com/ru/companies/spectr/articles/836004/</a><a href="https://zhub.link/tags/devsecops" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#devsecops</a> <a href="https://zhub.link/tags/devsecops_services" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#devsecops_services</a> <a href="https://zhub.link/tags/dast" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#dast</a> <a href="https://zhub.link/tags/owasp_zap" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#owasp_zap</a> <a href="https://zhub.link/tags/owasp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#owasp</a>

HabrРеализация сервиса сканирования на основе OWASP ZAPДля защиты цифровых активов организаций важно оперативно выявлять и устранять уязвимости. Инструменты оценки уязвимостей автоматизируют этот процесс, позволяя эффективно находить слабые места в системах и приложениях. Привет! Меня зовут Никита, я занимаюсь информационной безопасностью в RuStore. Сегодня расскажу о том, как мы создали свой сервис сканирования уязвимостей на базе OWASP ZAP, с какими трудностями столкнулись и какие подходы применили для их решения.<a href="https://habr.com/ru/companies/vk/articles/829030/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://habr.com/ru/companies/vk/articles/829030/</a><a href="https://zhub.link/tags/zap" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#zap</a> <a href="https://zhub.link/tags/dast" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#dast</a> <a href="https://zhub.link/tags/%D1%81%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5_%D1%83%D1%8F%D0%B7%D0%B2%D0%B8%D0%BC%D0%BE%D1%81%D1%82%D0%B5%D0%B9" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#сканирование_уязвимостей</a> <a href="https://zhub.link/tags/%D0%B1%D0%B5%D0%B7%D0%BE%D0%BF%D0%B0%D1%81%D0%BD%D0%BE%D1%81%D1%82%D1%8C" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#безопасность</a> <a href="https://zhub.link/tags/%D0%B1%D0%B5%D0%B7%D0%BE%D0%BF%D0%B0%D1%81%D0%BD%D0%B0%D1%8F_%D1%80%D0%B0%D0%B7%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BA%D0%B0" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#безопасная_разработка</a> <a href="https://zhub.link/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://zhub.link/tags/appsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#appsec</a> <a href="https://zhub.link/tags/application_security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#application_security</a> <a href="https://zhub.link/tags/%D0%B4%D0%B8%D0%BD%D0%B0%D0%BC%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B9_%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D0%B7" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#динамический_анализ</a>

ZAPDo you use DAST from one of the many companies which build on top of ZAP but do not support us? Please encourage them to support us now! <a href="https://www.zaproxy.org/third-party-services/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.zaproxy.org/third-party-services/</a> <a href="https://infosec.exchange/tags/zaproxy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#zaproxy</a> <a href="https://infosec.exchange/tags/DAST" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DAST</a> <a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#opensource</a>

kingthorin_rmNew <a href="https://infosec.exchange/@zaproxy" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@zaproxy</a> community tip provided by yours truly (hit the GitHub link below).<a href="https://infosec.exchange/tags/zaproxy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#zaproxy</a> <a href="https://infosec.exchange/tags/DAST" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DAST</a> <a href="https://infosec.exchange/tags/AppSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AppSec</a> <a href="https://infosec.exchange/tags/WebAppSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WebAppSec</a><a href="https://github.com/zaproxy/community-scripts/tree/main/other/tips/selenium/edge" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://github.com/zaproxy/community-scripts/tree/main/other/tips/selenium/edge</a>

ZAPZAP 2.15.0 is now available! Read all about it: <a href="https://www.zaproxy.org/blog/2024-05-07-zap-2-15-0/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.zaproxy.org/blog/2024-05-07-zap-2-15-0/</a> <a href="https://infosec.exchange/tags/zaproxy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#zaproxy</a> <a href="https://infosec.exchange/tags/appsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#appsec</a> <a href="https://infosec.exchange/tags/dast" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#dast</a>

Habr<Cookie> ctrl+c ctrl+v: автоматизируем прохождение авторизации в DASTПривет, Хабр! С вами Анастасия Березовская, инженер по безопасности процессов разработки приложений в Swordfish Security. В этой статье мы разберемся, как пройти авторизацию в DAST-сканере с помощью прокси. Почему мы решили взяться за эту тему? Сейчас расскажем.<a href="https://habr.com/ru/companies/swordfish_security/articles/811821/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://habr.com/ru/companies/swordfish_security/articles/811821/</a><a href="https://zhub.link/tags/%D0%B8%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%B0%D1%8F_%D0%B1%D0%B5%D0%B7%D0%BE%D0%BF%D0%B0%D1%81%D0%BD%D0%BE%D1%81%D1%82%D1%8C" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#информационная_безопасность</a> <a href="https://zhub.link/tags/%D0%B1%D0%B5%D0%B7%D0%BE%D0%BF%D0%B0%D1%81%D0%BD%D0%BE%D1%81%D1%82%D1%8C_%D0%B2%D0%B5%D0%B1%D0%BF%D1%80%D0%B8%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D0%B9" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#безопасность_вебприложений</a> <a href="https://zhub.link/tags/dast" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#dast</a> <a href="https://zhub.link/tags/%D1%81%D0%BA%D0%B0%D0%BD%D0%B5%D1%80_%D1%83%D1%8F%D0%B7%D0%B2%D0%B8%D0%BC%D0%BE%D1%81%D1%82%D0%B5%D0%B9" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#сканер_уязвимостей</a> <a href="https://zhub.link/tags/%D0%B0%D1%83%D1%82%D0%B5%D0%BD%D1%82%D0%B8%D1%84%D0%B8%D0%BA%D0%B0%D1%86%D0%B8%D1%8F" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#аутентификация</a> <a href="https://zhub.link/tags/%D1%81%D0%BA%D1%80%D0%B8%D0%BF%D1%82" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#скрипт</a> <a href="https://zhub.link/tags/%D0%BF%D1%80%D0%BE%D0%BA%D1%81%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#проксирование</a>

Arthur Lutz (Zenika)🎉 J'ai fini le "Learning Path" DevSecOps sur TryHackMe ! 🏆 Une certification de plus ! <a href="https://tryhackme.com/path/outline/devsecops" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://tryhackme.com/path/outline/devsecops</a>Super ateliers et contenus sur la supply chain, la sécurité dans la CI/CD, les outils de detection de failles, le hardening de conteneurs, docker, kubernetes, et même sur du terraform. <a href="https://pouet.chapril.org/tags/DevSecOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DevSecOps</a> <a href="https://pouet.chapril.org/tags/DevOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DevOps</a> <a href="https://pouet.chapril.org/tags/TryHackMe" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TryHackMe</a> <a href="https://pouet.chapril.org/tags/Gitlab" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Gitlab</a> <a href="https://pouet.chapril.org/tags/Jenkins" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Jenkins</a> <a href="https://pouet.chapril.org/tags/CICD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CICD</a> <a href="https://pouet.chapril.org/tags/SAST" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SAST</a> <a href="https://pouet.chapril.org/tags/DAST" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DAST</a>

HabrИдеальный кейс внедрения DevSecOps. Так бывает?Привет, на связи отдел безопасной разработки СИГМЫ (ОБР). И хоть наша команда сформировалась относительно недавно, мы уже приобщились к «вечному» — а именно «противостоянию» разработки и безопасников. Если вы читаете эту статью, скорее всего такое знакомо и вам. Но иногда в этом взаимодействии формируются настоящие бриллианты. И сегодня речь пойдет как раз о таком кейсе.<a href="https://habr.com/ru/companies/sigma/articles/808999/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://habr.com/ru/companies/sigma/articles/808999/</a><a href="https://zhub.link/tags/it_security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#it_security</a> <a href="https://zhub.link/tags/dast" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#dast</a> <a href="https://zhub.link/tags/sast" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#sast</a> <a href="https://zhub.link/tags/fuzzing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#fuzzing</a> <a href="https://zhub.link/tags/appsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#appsec</a> <a href="https://zhub.link/tags/%D1%83%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5_%D1%83%D1%8F%D0%B7%D0%B2%D0%B8%D0%BC%D0%BE%D1%81%D1%82%D0%B5%D0%B9" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#устранение_уязвимостей</a> <a href="https://zhub.link/tags/%D0%B1%D0%B5%D0%B7%D0%BE%D0%BF%D0%B0%D1%81%D0%BD%D0%B0%D1%8F_%D1%80%D0%B0%D0%B7%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BA%D0%B0" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#безопасная_разработка</a> <a href="https://zhub.link/tags/%D1%80%D0%B0%D0%B7%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BA%D0%B0_%D0%BF%D0%BE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#разработка_по</a> <a href="https://zhub.link/tags/%D0%B8%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%B0%D1%8F_%D0%B1%D0%B5%D0%B7%D0%BE%D0%BF%D0%B0%D1%81%D0%BD%D0%BE%D1%81%D1%82%D1%8C" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#информационная_безопасность</a> <a href="https://zhub.link/tags/devsecops" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#devsecops</a>

Jack PollerIs it reasonable to expect developers to be domain-specific experts, design experts, development experts, *and* security experts?NightVision joins the crowded and growing field of vendors alleviating the code security burden by providing a Web and API security testing system.Surprisingly, NightVision does not market AI as its magic sauce or as the panacea for developers lacking cybersecurity expertise.And NightVision just raised $5.4M seed funding.<a href="https://infosec.exchange/tags/DAST" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DAST</a> <a href="https://infosec.exchange/tags/APIsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APIsecurity</a> <a href="https://infosec.exchange/tags/WebSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WebSecurity</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://infosec.exchange/tags/funding" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#funding</a><a href="https://www.securityweek.com/nightvision-raises-5-4-million-for-application-security-testing/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.securityweek.com/nightvision-raises-5-4-million-for-application-security-testing/</a>

Recent searches

Search options

Administered by:

Server stats:

#dast