developer - Abhay Bhargav

Abhay Bhargav

Sign in Subscribe

developer

A collection of 7 posts

Building a Static Analysis Security Bot with Gitlab

application security Featured

Building a Static Analysis Security Bot with Gitlab

I am a big believer in Feedback loops. For me, DevSecOps is all about building better feedback loops. If I can get Dev or Ops folks to get quick security feedback on something they have written, with few/no false positives, in a workflow that they are used to, I

Hooking up - Automation (and Security) wins with Hooks

Hooking up - Automation (and Security) wins with Hooks

I am inordinately pleased with myself today. No, no, it was nothing earth-shattering. For you, there's a good chance, that its probably nothing. But I am a sucker for small wins, automation and developer-driven workflows. Any wins around Automation and dev-workflows actually. Don't know what I am talking about? Let

Myth-busting Developer Security Training in 2019

application security

Myth-busting Developer Security Training in 2019

Myths for Developer Security Training that I have learned through personal experience over a long span of training developers on security (2012-2019 and counting) * Developers don't care about security. Untrue. Security doesn't contextualize security issues, attacks and consequences. Context is king. * "We need OWASP Top 10 Training". OWASP Top 10

Disassembling CVE and CWE for No Fun and No Profit

application security Featured

Disassembling CVE and CWE for No Fun and No Profit

There's a good chance that you or your colleague(s) will be shuffling through the massive vendor presentation areas at RSA next week. Chances are that, as you make your way through the booths with shiny screens with Dashboards and fancy-looking charts, you'll see one or more of these "C"

Thoughts on Developer Security Training

Thoughts on Developer Security Training

I have had the good fortune to have trained thousands of developers on Application Security. Private organizations, conferences and even some non-profit groups have engaged us (we45) and my team to do this. Needless to say, this has been an extremely rewarding experience. I have had several clients say that