mgm sp @ Heise DevSec
With the topic “How practical is DevSecOps really? – A field report” our colleague Maximiliane Zirm is present at this year’s Heise devSec.
DevOps describes the principle of bringing together two teams that actually work separately within the framework of agile software development. The aim is to improve quality and, above all, speed up delivery. Security is often left out of the equation. This is taken up in the DevSecOps concept and expanded by the security team. But does this also work in practice?
In our (German) presentation we share our many years of experience from a large, highly agile project. We show our successes, but also our mistakes in the area of DevSecOps. These lessons learned help those responsible to recognize problems early on and to prevent them with the help of best practices.
Further details and tickets can be found on the official conference website (German).
NinjaDVA – Our Training Environment
The NinjaDVA is our comfortable and flexible training environment.
Tool Tuesday – sqlmap
Is your web application vulnerable to SQL Injection? With sqlmap you can test it.
Attack Afternoon – CSRF Countermeasures #1
CSRF Countermeasures #1: One possibility to prevent CSRF is the usage of an anti-CSRF token.
Attack Afternoon – CSRF
CSRF stands for “Cross-Site Request Forgery” and is a classic among web application attacks. With this attack, it is possible to perform certain user actions without them noticing it. But how exactly does this attack work?
it-sa 2019 – Lean Application Security
At the it-sa 2019 we will present our innovative consulting concept Lean Application Security.