Which code security scanners are suitable for our applications? What are SAST, DAST and IAST? How is security integrated into modern DevOps and cloud environments? How can I embed security into my Scrum processes and avoid quality gates that slow processes down? We help you to secure your software operations and developments, even in modern environments with agile processes.
No matter how technologically well-protected you are against attacks, technology is just one aspect of a company’s overall security strategy. How employees behave when security problems occur and how the flow of information is structured in an emergency are just as important. How is your risk management structured? What processes are in placein the event of a cyber attack? Which are the most important systems, and how compliant are you? We also help you to meet the requirements of ISO 27001 and the European General Data Protection Regulation (GDPR).
Your company can only be secure if you have appropriately trained staff. We offer practical, enjoyable training courses tailored to developers and architects. Our training will enable them to detectcurrent dangers, develop solution strategies, become familiar with hackers’ techniques and evaluate security incidents more accurately. We can also help you to set up your own training programme to embed security knowledge in your company on a permanent basis.
Building modern SSDLCs - Securing Software at Scale
Security in the last years was mostly focused on infrastructure protection, but application security has slowly grown in relevance and will likely continue to do so. Applications play a growing role for businesses and application specific security programs are often...
When your DNS leaks your infrastructure
Reverse resolving a public IP - no problem here Tl;dr: A few nameservers might expose internal IP addresses and domain names when directly queried to reverse resolve private IPs. Check with dig -x or have a...
Story of a compromised wordpress server
What to do when your PHP server gets hacked? This is a story of a compromised linux web server I recently dealt with. New PHP files had appeared that had nothing to do with the wordpress application running on...