We Hack Purple Blog

API4:2019 Lack of Resources & Rate Limiting

In the previous post we covered API3:2019 Excessive Data Exposure, which was...

API3:2019 Excessive Data Exposure

In the previous post we covered API2:2019 Broken User Authentication, which was...

API2:2019 Broken User Authentication

In the previous post we covered API1:2019 Broken Object Level Authorization, which...

The OWASP API Security Top Ten: API1:2019 Broken Object Level Authorization

The following blog series will be on the OWASP API Security Top...

What’s the difference between Product Security and Application Security?

Recently I have started seeing new job titles in the information security...

Conclusion: Security Champions

In the previous article we talked about Metrics, and in this article,...

DevSecOps War Stories

DevSecOps is a marketing buzzword word now, but it wasn't always. Just...

Security Champions: Metrics & Data

The previous article in this series is Recognizing and Rewarding Your Security...

(Over)Communication With Your Security Champions

As mentioned in the previous article (Recognizing & Rewarding Your Security Champions),...

Recognizing & Rewarding Security Champions

If you’ve ever read the book The 5 Love Languages, or articles...

Teaching Security Champions

In the previous article, we talked about how to engage your champions....

Engage Your Champions

In the previous article, ‘Recruiting Security Champions’, we covered several ways to...