Introduction The purpose of this article is to highlight the role of DefectDojo [1] in vulnerability management, showcasing its effectiveness as a tool for streamlining security processes and its value for the developers, security auditor/penetration tester and managers. DefectDojo plays…
Summary In summary, this article explains two regulations from the European Union, The Digital Operational Resilience Act (DORA) and NIS 2 Directive. DORA focuses on enhancing the digital resilience of financial entities, mandating robust risk management, system testing, and third-party…
Summary In summary, this article has the purpose to explain to the reader, the importance of Business Continuity Management (BCM) to ensure resilience. The article starts by explaining what a BCM is and the various concepts that it encompasses. With…
Summary In summary, this article has the purpose to explain to the reader, the importance of security testing in early development stages and the various strategies. The article starts by explaining what application security is, the traditional way of testing…
Summary The increasing integration of Artificial Intelligence (AI) into programming is fundamentally transforming the way software is conceived and developed. With advances in generative AI, exemplified by foundational models like OpenAI Codex, Github Copilot, and Google's DeepMind AlphaCode, programmers are…
We are delighted to announce that we have formalised our strategic partnership with IriusRisk. This will allow us to enrich our service portfolio and offer, strengthening our capacity for a fast and scalable response in providing Threat Modeling services by design and by…
Balwurk, a consultancy company dedicated to providing application security services, is moving steadily forward in its quest to deliver excellence in AppSec & Cloud Security. To achieve this goal, we are pleased to announce our recent partnership with Check Point…
Modern cyber-criminal gangs, deploy multiple state-of-the-art techniques to retrieve information from a compromised or breached company. This is because most companies isolate, in varying degrees, their internal network from the public internet, blocking certain file transfer protocols, or prevent access…
We are proud to announce the recently formed partnership with Synopsys, a global leader in Application Security (AppSec). By combining their expertise, the two companies are dedicated to helping organizations establish trust in their software by taking a holistic approach…
What can be done to improve application security within the QNRCS? That's what we intend to answer in these lines. At the end of this article, you will know where to find the essential information to drive and maintain your…