Poor coding patterns can lead to big security problems… so why do we encourage them?
Secure Code Warrior recognized in Gartner’s Cool Vendors in Software Engineering: Enhancing Developer Productivity
Get ahead of software vulnerabilities in NGINX and Microsoft Windows SMB Remote Procedure Call service
The Log4j vulnerability explained - Its attack vector and how to prevent it
Cybersecurity industry analysis: Another recurring vulnerability we must correct
Is your security program focused on incident response? You're doing it wrong.
Lifting the veil on cyber vulnerabilities in Government supply chain pipelines
Future frontiers: Why developers need to go beyond the OWASP Top 10 for secure coding mastery
Experience the impact of the Path Traversal Vulnerability to blame for the recent Apache woes
Warrior Insider: Nelnet - Nurture your security champions and create a culture of secure development from within
Elevated security intelligence: Guided courses helping developers get NIST-ready
When good microwaves go bad: Why embedded systems security is the next boss battle for developers
Warrior Insider: Contrast Security - Give developers impactful cybersecurity training with contextual learning
Warrior Insider: Selligent - why cybersecurity matters when scaling your business
The rise of DevSecOps – and what 'shifting left' really means for your organization.
Shifting from reaction to prevention: The changing face of software security 2021 - Whitepaper
Ship quality code faster, with confidence: the transformative power of secure coding practices.
Cybersecurity Executive Order: A deliberate approach to improve software security with developer skills
Realigning your organization around secure coding – barriers, concerns, and active solutions
Managers and security champions – the pied pipers and critical influencers of secure coding practices.
A cyberattack occurs every 39 seconds. Is the government finally equipped to fight back?
Hiding in plain sight: Why the SolarWinds attack revealed more than malicious cyber risk
If AppSec tooling is the silver bullet, why are so many companies not firing it?
Building trust: The path to true security synergy between AppSec and developers
For developers to help slay the cybercrime beast, training is a quest in two parts
Coders Conquer Security OWASP Top 10 API Series - Improper Assets Management
My pentester, my enemy? Developers reveal what they really think about pentesting and static analysis results
Coders Conquer Security OWASP Top 10 API Series - Insufficient Logging and Monitoring
Coders Conquer Security OWASP Top 10 API Series - Disabled Security Features/Debug Features Enabled/Improper Permissions
How the Australian Government can build national cybersecurity resilience and stand tall against threats
Coders Conquer Security OWASP Top 10 API Series - Missing Function Level Access Control
Coders Conquer Security OWASP Top 10 API Series - Lack of Resources and Rate Limiting
ClickShare Vulnerabilities May Have Been Patched, But They Mask a Much Bigger Problem
Coders Conquer Security OWASP Top 10 API Series - Excessive Data Exposure
Coders Conquer Security OWASP Top 10 API Series - Broken Object Level Authorization
Death by Doki: A new Docker vulnerability with serious bite (and what you can do about it)
Strike first, strike hard: Why curated secure coding courses extend no mercy to cyber threats
Stop disrupting my workflow! How you can get the right security training at the right time
Rust is the most-loved programming language for the fifth time. Is it our new security savior?
Coders Conquer Security Infrastructure as Code Series - Using Components From Untrusted Sources
Coders Conquer Security Infrastructure as Code Series: Security Misconfiguration - Improper Permissions
Coders Conquer Security Infrastructure as Code Series: Insufficient Transport Layer Protection
Coders Conquer Security Infrastructure as Code Series: Plaintext Storage of Passwords
Coders Conquer Security Infrastructure as Code Series: Missing Function Level Access Control
Coders Conquer Security Infrastructure as Code Series: Disabled Security Features
Turning boring PCI-DSS compliance into a meaningful exercise for everybody: Part 2 - CISOs and developer awareness