Application Security Questions
Jan 27 2022
Hi infosec professionals.
What are your top choices of tools to use for mobile penetration testing this year?
Thanks for sharing your knowledge!
Jan 12 2022
What top trends do you predict about DevOps and DevSecOps for 2022?
In your opinion, what is gonna change this year vs 2020-2021?
Jan 12 2022
How do you practically use it and apply Security Posture/Security Posture Management in a large organization?
Dec 21 2021
Hi peers, I believe many of you have already heard of the recent Log4j/Log4Shell vulnerability that allows attackers to perform remote code execution (RCE). What does it mean for an organization? How can you check you're vulnerable and mitigate/patch it now, if at all? Lastly, what impact do...
Dec 22 2021
When do you use each of those tools?
Nov 01 2021
Would you recommend using an open-source WAF for a large company? If so, which one and why?
Oct 11 2021
What are the OWASP Top 10 this year?
What single web app security tool (or a minimum set of tools) would you recommend for overall web app protection (from the most critical security risks covered by these Top 10)?
I'm currently researching the following two application security tools: Coverity and SonarQube.
Can anyone point out to me the main differences between these 2 products?
Thanks for your help!
There are many cybersecurity tools available, but some aren't doing the job that they should be doing. What are some of the threats that may be associated with using 'fake' cybersecurity tools? What can people do to ensure that they're using a tool that actually does what it says it does?
Hi community members,
Is SonarQube the best tool for static analysis? Are there any good tools that compete with SonarQube?
Oct 11 2021
Many companies wonder whether SAST or DAST is better for application security testing.
What are the relative benefits of each methodology? Is it possible to make use of both?
Sep 20 2021
- When evaluating Application Security, what aspect do you think is the most important to look for?
- What are the threats associated with using ‘bogus’ cybersecurity tools?
- Is SonarQube the best tool for static analysis?
- SAST vs. DAST: Which is better for application security testing?
- What does the Log4j/Log4Shell vulnerability mean for your company?
- What are the OWASP Top 10 in 2021?
- What is the difference between SAST and SCA tools?
- Which open-source WAF would you recommend for a large company?
- What are your top DevOps and DevSecOps predictions for 2022?
- What tools do you recommend to use for mobile penetration testing in 2022?