Frank Catucci

The enigma of AppSec and the mirages of mitigating risk are something I often see in my day job as well as in my personal experience and research.
An application looks secure; the developers had great intent, ideas and features. Follow-through, however, now that is a completely different story. I will demonstrate and walk through some valid cases in which the ideas of AppSec in a web app's design were valid and well thought out; however, the execution of such security measures, not so much. The easy mistakes that can be made and the lack of testing are often the culprit. But sometimes, yeah, zero shits are given.
I will also address BugBounty programs. Some good, some not so much, and why. Finally, I will offer advice on how to help progress and improve your AppSec programs. Thank you.
Copyright 2020, IronGeek