Why Storing Plaintext Passwords in a Private S3 Bucket it’s bad idea?Let’s imagine that you store usernames and passwords in cleartext in the S3 bucket. Let’s assume that access to the entire bucket is…Sep 25, 2023Sep 25, 2023
AWS Account Hijacking via CI/CDIn the evolving landscape of cloud computing, AWS (Amazon Web Services) stands out as a leading service provider. However, as with any…Jul 27, 2023Jul 27, 2023
DevSecOps — integrating SAST, SCA, Secrets detection, Container security and IaC scanning with JIT.iDo you still remember when it took a long time to implement Security controls into your workflow? Let’s do it in a few minutes with JIT.io…Sep 21, 20223Sep 21, 20223
Could GitHub Copilot produce a vulnerable code?GitHub Copilot is an interesting solution that promises to simplify the developer’s day-to-day tasks. This short article aims to answer the…Aug 24, 2022Aug 24, 2022
Google Indexing — how to fixSearch engines doing really great job in indexing content. Of course everyone wants to be at the top of the search results. But sometimes…Jul 23, 2022Jul 23, 2022
iOS Apps Security scanners practical comparisonIn this article, I tried to overview: What iOS Apps Security Scanners exist on the market, What capabilities they provide, and what…Feb 20, 2022Feb 20, 2022
DevSecOps — What Security Controls exist and when to implement them?In this short article, I tried to overview what Security Controls exists, what stage it can be added to the CI/CD process, and what…Jan 15, 2022Jan 15, 2022
Implementing Application Security on your projectThe main purpose: CyberSecurity should help businesses succeed.Dec 22, 2021Dec 22, 2021