Behavior-Driven Development (BDD) goes rogue

Or “How to design software with evil villains in mind”

As software developers and development leaders, we strive to create software that’s not only functional but also secure. We work hard to identify potential cyber security risks and vulnerabilities and implement preventive measures. But despite our best efforts, some individuals will always seek to exploit any weaknesses in our software. That’s where the concept of cyber security personas comes in.


Securing the bigger picture: Lifecycle security maturity

What came first: security built into your software development lifecycle or security built into the design and implementation of your code?

When we talk about application security, there are two distinct camps emerging — lifecycle security maturity and product security maturity.


Secure development: Detecting attacks in your software

In this blog post, we cover ideas that were first discussed by our SafeStack Academy Secure Development community at our online members’ seminar on detecting attacks in software products, hosted by Christian Frichot and Erica Anderson.

Secure development: Finding and fixing API security vulnerabilities

2021 has been a big year of growth for us. We’ve expanded our team, as well as the number of countries our customers are in.

We never lost sight of our mission though, to bring accessible, inclusive, industry-aligned security skills to all our customers and partners.

And what a great way to wrap up the end of 2021 — by releasing our newest SafeStack Academy Secure Development course: Finding and Fixing API Security Vulnerabilities.

Secure development: Turning insecure design around

As the dust settles on the release of the latest version of the OWASP Top 10, our team has been talking about the inclusion of insecure design on the list. Specifically, we’ve been thinking about what that means for everyone involved in the delivery of software products.

Secure development: Top ten security training topics for your team

At SafeStack we believe weaving cyber security throughout the entire software development life cycle is essential.

When we teach secure development, our goal is to help development teams build a set of vital skills that supports them to collaborate on security early and often, making it a shared responsibility that everyone has a solid understanding of.
