How to enforce HTTPS on your web application

by securestack-admin | Apr 20, 2022 | Application Security, Blog, developer insights, DevSecOps, SMB Security

Enforcing HTTPS is a lot harder than most people make it seem. So, lemme break this down into the 7 (yes 7!) different things you are gonna need to have configured to meet the requirement in the top paragraph: create the unencrypted "origin" service; create a load...

Risky Business

by Paul McCarty | Apr 13, 2022 | Application Security, Blog, developer insights, DevSecOps

Risky Business Podcast: In this edition of Snake Oilers we'll be hearing from Google Security -- Anton Chuvakin is appearing on their behalf to talk more about how switching to its cloud-native SIEM actually makes sense now. Paul McCarty from SecureStack will be along...

Australian ISM – Guidelines for Secure Development

by Paul McCarty | Apr 2, 2022 | Application Security, Blog, developer insights, DevSecOps

The Australian Cyber Security Centre (ACSC) is the arm of the government that provides guidance on how to improve cybersecurity in Australia.  As part of this mandate, they have been producing a document called the "Information Security Manual" (ISM) since 2017. You...

Automate responses to security questionnaires!

by Paul McCarty | Mar 25, 2022 | Application Security, Blog, developer insights, DevSecOps

Are you sick of filling out security questionnaires to meet some compliance or audit objectives?  Most of the software engineers we talk to that have to fill these pesky forms out hate the process.  Many of them say to us that they really want something that could...

The DevSecOps Playbook

by Paul McCarty | Mar 3, 2022 | Application Security, Blog, developer insights, DevSecOps

The DevSecOps Playbook: SecureStack is committed to open-source projects, which is why we recently open-sourced the "DevSecOps Playbook". This playbook, originally written by our CEO Paul McCarty, was an internal automation document that explained how to secure...

One GitHub Action To Rule Them ALL!

by Paul McCarty | Jan 30, 2022 | Application Security, Blog, developer insights, DevSecOps

What are GitHub Actions? Automate, customize, and execute your software development workflows right in your repository with GitHub Actions. You can discover, create, and share actions to perform any job you'd like, including CI/CD, and combine actions in a completely...

How to secure git

by Paul McCarty | Jan 27, 2022 | Application Security, Blog, developer insights, DevSecOps

How can I make git more secure? Git is super powerful.  We use git to interact with our most important intellectual property:  our source code.  For a SaaS provider this source code really is the whole business. If someone steals it, your IP is gone and so, probably...

The Log4J Vulnerability & Log4Shell Incident Explained

by Jack Spence | Jan 10, 2022 | Application Security

What is the Log4J vulnerability?  Log4j 2 is an open source Java logging library developed by the Apache Foundation. It is a key building block which is reused to provide logging functionality to help system developers troubleshoot in a large number of applications...

What is a SBOM?

by Paul McCarty | Jan 9, 2022 | Application Security, Blog, developer insights, DevSecOps

One of my friends messaged me on LinkedIn today and asked "What is this SBOM you keep talking about?"  I realized that he's right and I should probably explain what an SBOM is.  First, the term refers to a "Software Bill of Materials".  An SBOM is a complete inventory...

DevSecOps predictions for 2022

by Paul McCarty | Dec 31, 2021 | Application Security, Blog, developer insights, DevSecOps

2021 was a CRAZY year! We spent most of 2021 at home.  We had to build new ways of working and migrate things to the cloud WAYYY too quickly.  We saw new types of threats to our applications including "dependency confusion attacks" and "software supply chain...
