Security

Security and compliance in software projects – getting dependencies under control

This blog post addresses the high standards of security and compliance that we have to meet in every software project. Trained security engineers are responsible for ensuring that we achieve this within any given project. An especially persistent challenge they face is dealing with the countless dependencies present in software projects, and getting them – and their variety of versions – under control.

6 min

Application Security Tools: Use for Static Application Security Testing & Software Composition Analysis

Im Bereich der Application Security gibt es verschiedene Konzepte, um das Ziel zu erreichen, zuverlässige und sichere Software zu entwickeln. In diesem Beitrag werden das Static Application Security Testing (SAST) und die Software Composition Analysis (SCA) als wichtige Bestandteile der Application Security vorgestellt. Zur Umsetzung dieser Konzepte und Erhöhung der Application Security können entsprechende Tools eingesetzt werden.

Software Services,General
4 min

OAuth in Single-Page-Apps

A large part of the apps we use regularly provide individual data and services for different users and therefore need to be able to clearly identify their users. The classic approach here would be to build a login form and manage it with its own user database, but this can have some disadvantages. This article presents the alternative approach with the protocols “OAuth” and “OpenID Connect”, which were developed for the purpose of secure authentication and authorisation.

Web
12 min

Let’s Talk About Security – SQL Injection

Many developers are still scratching their heads, wondering how such a simple method of attack could make it to the top of the list of security vulnerabilities.

Quality Assurance,Web
5 min

Let’s Talk About Security – Validate All Input

The objective of validation is to verify that the data entering the system do not cause any damage or cause information to be leaked.

Quality Assurance,Web
7 min

Let’s Talk About Security – Digital Identity

Security is more important today than ever before. Virtually everything is digitized and either located in its own network or connected to the internet.

Quality Assurance,Web
6 min