Trust your devops team

Embrace devops and trust your devops team to do the right things. Collaborate effectively to meet the security needs of the business by building a robust Application Security Program building in robust agile security automation.

Published
Categorized as Blue Team

Using your SOC to Threat Model your Applications

Threat Modelling is probably one of the most underrated exercises there is when it comes to Application Security. Building this into the SDLC is no easy task. Building a new Application Security Program you can adopt Threat Modelling early on, for existing Application Security Programs, you can utilise it to secure those applications already in production

Tips to Secure Docker & Kubernetes

Simple guide to get you going quickly to start securing Docker and Kubernetes. As with all new technologies, there is a learning curve and an introduction of new vulnerabilities.

Published
Categorized as DevSecOps

Effective Threat Intelligence

What is Cyber Threat Intelligence, how can it be used and where to get started. This is one area that is definitely not understood well, although it is maturing but there is a fair way to go yet. Here I go over some basics.

Intro to IAST & RASP

It’s no surprise that numerous amounts of attacks occur due to software bugs. Being able to identify vulnerabilities, remediate and repeat, track and report is vital for modern day agile environments.

Published
Categorized as DevSecOps