Secure Software Engineering — OWASP TOP 10 Intro Course

My goal is to create easy-to-consume trainings that can be used by any individual or organisation. I know plenty of organisations struggle with the cost of producing internal secure coding trainings, so here I come to the rescue. I offer my content — which I used to use at commercial trainings — now free of charge for …

Security industry is poisoned

The more I interact with security 'thought leaders', the more I understand why so many companies have a terrible security posture and why security is perceived as a pain-in-the-ass showstopper. Lots of middle-management 'security' experts suck shit socially, that's why. There are no metrics which you can use to immediately measure the direct ROI of empathy and being a …

Securing Software in Agile SDLC & Allocating Testing Resources

It's tough to get yourself started when Agile SDLC is new to you, but when you tweak some processes and adjust them, you'll be able to increase your productivity. Software engineers must take the security department into account, but you must also learn from them how to be effective without disturbing their workflow.