2022, Annual Penetration Testing Intelligence Report. Read Now

Web Application Security Testing Basics

If you pick up any periodical report on cyber attacks published by an organization or consortium, you will find that web applications are at the center stage of data breaches. With more businesses, either setting up their online presence or increasing it, the attack surface area for the perpetrators to exploit is increasing exponentially. On the other hand, it … Continued

Application Security Testing Best Practices – Part II

In our last post, we talked about some basic best practices that must be followed while performing security testing activities for an application. In this article, we will focus on application security testing best practices while working in a DevOps environment.  We have often seen that the internal security team and DevOps team often work in different … Continued

DevSecOps – Best Practices

Organizations who have combined development and operations (i.e. implemented DevOps) have been able to deploy the applications at a faster rate. With the increasing concerns for security, they are now looking for security solutions to integrate security in their development and operations processes. DevSecOps, integration of DevOps and security, is steadily getting popular along with slowly changing … Continued

DAST: Things You Should Know

The relationship between security testing and applications is a never-ending story. Even after an application is deployed, security testing activities are continuously carried out. Since absolute security is a myth, one can always strive to achieve the maximum level of security possible. Dynamic Application Security Testing, or DAST, helps a business by addressing the areas which … Continued

Penetration Testing at DevSecOps Speed

It is time to say goodbye to those times when security and privacy concerns used to be after-development activities or were ignored altogether. The intricacies of ever-evolving cyber space have made it an inherent responsibility for businesses across the world to incorporate security and privacy measures in their products and services. While businesses adapt to … Continued

Integrating OWASP ZAP in DevSecOps Pipeline

Security and innovations have often been at contrast positions when it comes to the development of new products and services. In a Rapid Application Development Cycle (DevSecOps), security teams often initiated DAST tools to locate vulnerabilities just before the launch of a new product or a new version of the previously-launched product. This became non-scalable … Continued

Penetration Testing and Security on Google Cloud

Amazon, Google is one of the leading cloud-based service providers and it offers more than 100 services around 12 major heads such as Computing, Storage & Database, Networking, Big Data, Data Transfer, API platform, IoT, Cloud AI, Management Tools, Developer Tools, Identity & Security, and Professional Services. Depending upon your needs, you can avail of … Continued

Introduction to DevSecOps

Introduction Ask any cybersecurity expert about the current threat landscape and you will find a similar statement in their answers i.e. number of threats has increased exponentially. It is expected that by 2021, cybercrime damages will cost $6 trillion. Along similar lines, the Ponemon Institute has found the average cost of a data breach to … Continued

Penetration Testing & DevOps

we looked at the present scenario in dynamic cyberspace and discussed the basics of security in DevOps i.e. DevSecOps along with benefits and best practices. Security can often be an afterthought when the primary motive is to innovate and develop products and services at a higher speed. However, considering the extent of damage that can … Continued