We Hack Purple Blog

Security is Everybody’s Job — Part 4 — What is DevSecOps?

In this post we will explore The 3 Ways of DevOps. But...

Security is Everybody’s Job — Part 3 — What IS DevOps?

What IS DevOps? There are many definitions of DevOps, too many, some...

Security is Everybody’s Job — Part 2 — What is Application Security?

Application Security is every action you take towards ensuring the software that...

Security is Everybody’s Job — Part 1 — DevSecOps

This is the first in a many-part blog series on the topic...

7 Places to do Automated Security Tests

When working in a DevOps environment security professionals are sometimes overwhelmed with...

Pushing Left, Like a Boss – Part 10: Special AppSec Activities and Situations

Special Situations Not all application security programs are the same, and not...

Pushing Left, Like a Boss – Part 9: An AppSec Program

In my talk that this blog series is based on, "Pushing Left,...

Pushing Left, Like a Boss – Part 8: Testing

It is my belief that testing should be done throughout the development...

Pushing Left, Like a Boss – Part 7: Code Review and Static Code Analysis

This article is about secure code review and Static Application Security Testing...

Pushing Left, Like a Boss – Part 6: Threat Modelling

The last security-related part of the Design Phase of the System Development...

Pushing Left, Like a Boss, Part 5.14 Secure Coding Summary

This article will summarize the previous articles in Part 5 of this...

Pushing Left, Like a Boss — Part 5.13 — HTTPS only

HTTPS only — for every app, everyone, always. Temple in South Korea,...