Information Security, Software Engineering, and more…
Nowadays, relying on password-only authentication for AWS accounts managing production-related workload is extremely dangerours. Multi-factor authentication (MFA) is a must
Read more
Last December (2019) I had the chance to successfully pass the AWS Certified Security Specialty exam. It took me between 2 and
Read more
Today, up to 90% of security breaches are caused by software vulnerabilities, additionally penetration testing activities commonly occur near the last
Read more
The NIST Cybersecurity Framework (CSF) is a non-profit endeavor based on best practices and using existing standards, originally intended for
Read more
Security requirements are foundational for every business project and should be prioritized with the same importance than Software Development (Dev)
Read more
Establishing a robust Application Security Program is not something that occurs overnight. It is a process that inevitably requires incorporating
Read more
In order to manage application infrastructure administrators rely on containers and tools that empower the DevOps team to package, deliver,
Read more
The Security Content Automation Protocol, generally recognized as SCAP, enables automated vulnerability management, measurement and policy compliance evaluation of systems based on
Read more
Interactive Application Security Testing, also known as IAST, utilizes runtime testing techniques to help organizations identify and manage security risks. It
Read more
Dynamic Application Security Testing, also known as DAST, is a Black-Box Security Testing Methodology which tests the application from the outside
Read more