If AppSec tooling is the silver bullet, why are so many companies not firing it?
Happy birthday SQL injection, the bug that can’t be squashed
Building trust: The path to true security synergy between AppSec and developers
Starting "left of left": Is secure code always quality code?
For developers to help slay the cybercrime beast, training is a quest in two parts
Coders Conquer Security OWASP Top 10 API Series - Improper Assets Management
Coders Conquer Security OWASP Top 10 API Series - Insufficient Logging and Monitoring
Introducing Missions: The next phase of developer-centric security training
Coders Conquer Security OWASP Top 10 API Series - Disabled Security Features/Debug Features Enabled/Improper Permissions
Coders Conquer Security OWASP Top 10 API Series - Mass Assignment
Build secure coding skills at every stage of the SSDLC
Coders Conquer Security OWASP Top 10 API Series - Missing Function Level Access Control
National Cybersecurity Awareness Month: More than a phishing expedition
Coders Conquer Security OWASP Top 10 API Series - Lack of Resources and Rate Limiting
Coders Conquer Security OWASP Top 10 API Series - Excessive Data Exposure
Coders Conquer Security OWASP Top 10 API Series - Broken Authentication
Expert Interview: Infrastructure as Code with Oscar Quintas
Coders Conquer Security OWASP Top 10 API Series - Broken Object Level Authorization
Death by Doki: A new Docker vulnerability with serious bite (and what you can do about it)
Is your organization really DevSec-ready? Put it to the test.
Strike first, strike hard: Why curated secure coding courses extend no mercy to cyber threats
Want developers to code with security awareness? Bring the training to them.
Stop disrupting my workflow! How you can get the right security training at the right time
Rust is the most-loved programming language for the fifth time. Is it our new security savior?
Coders Conquer Security Infrastructure as Code Series - Business Logic
Coders Conquer Security Infrastructure as Code Series - Using Components From Untrusted Sources
My pentester, my enemy? Developers reveal what they really think about pentesting and static analysis results
The future of work is flexible, and it's great for cybersecurity
ClickShare Vulnerabilities May Have Been Patched, But They Mask a Much Bigger Problem
Coders Conquer Security Infrastructure as Code Series: Security Misconfiguration - Improper Permissions
Coders Conquer Security Infrastructure as Code Series: Insufficient Transport Layer Protection
Coders Conquer Security Infrastructure as Code Series: Insecure Cryptography
Coders Conquer Security Infrastructure as Code Series: Plaintext Storage of Passwords
Webinar: Are you ready to put the "Sec" in DevOps?
Coders Conquer Security Infrastructure as Code Series: Disabled Security Features
Coders Conquer Security Infrastructure as Code Series: Missing Function Level Access Control
Turning boring PCI-DSS compliance into a meaningful exercise for everybody: Part 2 - CISOs and developer awareness
Turning boring PCI-DSS compliance into a meaningful exercise for everybody: Part 1 - AppSec
How to Become a Kick-Ass DevSecOps Engineer
Why SQL Injections Are The Cockroaches of the AppSec World (and how CISOs can eradicate them once and for all)
Moving from academic research to industry is non-trivial
One line of code, $1 million
"Explosive" cyber attacks in Oil and Gas are life threatening
What security practices do 300,000 developers really do?
Equifax security issues uncovered in 2016
Root cause of Equifax hack is web app vulnerability
Talk to us today and make software security an intrinsic part of your development process.
