1
4
submitted 2 months ago by N7x@infosec.pub to c/appsec@infosec.pub

Found this interesting list: https://list.latio.tech/

On the open source side, there is https://www.dependencytrack.org/

2
2
submitted 3 months ago by N7x@infosec.pub to c/appsec@infosec.pub
3
5
submitted 4 months ago by Cerbokan@infosec.pub to c/appsec@infosec.pub

If you're interested in a way to implement Zero Trust principles like least-privilege access or make your access policies more granular without creating code bloat this is something to check out.

Cerbos Hub externalizes application permissions (RBAC/ABAC) and makes it easier to write and maintain fine-grained access policies without falling into a slow doom spiral of spaghetti code.

You write your policies in a central repo, and deploy as many containerized policy decision points as you need alongside the relevant services in your application. Policy checks are an API call. No single point of failure or lag issues.

You can maintain and monitor distributed policy decision points from one place. Make changes in Hub once and the changes are deployed everywhere. It supports PDPs deployed in serverless environments, at the edge or on device. There's a collaborative policy playground to write and test your policies. It has a central audit log of all the policy decisions that take place across your application.

4
3
submitted 4 months ago by N7x@infosec.pub to c/appsec@infosec.pub
5
1
submitted 9 months ago by N7x@infosec.pub to c/appsec@infosec.pub

cross-posted from: https://infosec.pub/post/8123190

Hello everyone,

I work in appsec, my manager would like to send us to a conference this year. We are based in Europe, and the company would like to across intercontinental travel.

I have OWASP Global 2024 in Lisbon on my radar, as well as the BlackHat EU in London, is there any other conference you guys would recommend?

6
1
submitted 9 months ago by N7x@infosec.pub to c/appsec@infosec.pub
7
1
submitted 9 months ago by N7x@infosec.pub to c/appsec@infosec.pub
8
1
submitted 9 months ago by N7x@infosec.pub to c/appsec@infosec.pub
9
1
submitted 9 months ago by N7x@infosec.pub to c/appsec@infosec.pub
10
1
submitted 10 months ago by N7x@infosec.pub to c/appsec@infosec.pub
11
1
submitted 10 months ago by N7x@infosec.pub to c/appsec@infosec.pub
12
1
submitted 10 months ago by N7x@infosec.pub to c/appsec@infosec.pub
13
1
submitted 10 months ago by N7x@infosec.pub to c/appsec@infosec.pub
14
1
submitted 11 months ago by solidsnail@infosec.pub to c/appsec@infosec.pub
15
1
submitted 11 months ago by solidsnail@infosec.pub to c/appsec@infosec.pub

cross-posted from: https://infosec.pub/post/5707149

I talk about a report I've made to MSRC in the beginning of the year regarding vscode.

It's a bit different. There's no in depth technical stuff, because I basically just reported the feature, not a bug.

16
1
submitted 1 year ago by N7x@infosec.pub to c/appsec@infosec.pub
17
1
submitted 1 year ago by N7x@infosec.pub to c/appsec@infosec.pub
18
1

This is my first write-up, on a vulnerability I discovered in iTerm2 (RCE). Would love to hear opinions on this. I tried to make the writing engaging.

19
1
New OWASP Cheet Sheet on Mobile Securty (cheatsheetseries.owasp.org)
submitted 1 year ago by mwguy@infosec.pub to c/appsec@infosec.pub

Mobile Application Security Cheat Sheet

Mobile application development presents certain security challenges that are unique compared to web applications and other forms of software. This cheat sheet provides guidance on security considerations for mobile app development. It is not a comprehensive guide by any means, but rather a starting point for developers to consider security in their mobile app development.

Architecture & Design

1. Secure by Design

...

20
1
submitted 1 year ago by netr0m@infosec.pub to c/appsec@infosec.pub
21
1
submitted 1 year ago by N7x@infosec.pub to c/appsec@infosec.pub
22
1
submitted 1 year ago by N7x@infosec.pub to c/appsec@infosec.pub
23
1
submitted 1 year ago by N7x@infosec.pub to c/appsec@infosec.pub
24
1
submitted 1 year ago by N7x@infosec.pub to c/appsec@infosec.pub
25
1
submitted 1 year ago by N7x@infosec.pub to c/appsec@infosec.pub
view more: next ›

appsec

335 readers
1 users here now

A community for all things related to application security.

founded 1 year ago
MODERATORS