User Activity

About 1 year ago
Everything in technology focuses on People, Process & Technology. What binds these together is business requirements and understanding the needs of each Line of Business. Often each Line of Business requires completely different requirements, but what tools help you meet…
About 1 year ago
The first thing you'd want to do is: 1. Look at your application inventory to determine the language and framework coverage. 2. The following would be what has the developer integrations with my current and future state CI/CD toolset, developer IDEs. 3. Do I have the…
Over 1 year ago
The easiest way to remember the role of each: SCA & SAST = Am I Vulnerable; DAST & IAST = Am I Exploitable (in some cases together, they complement SAST); RASP & WAF = Can I Protect Myself (fixing the code is the primary option).
Over 1 year ago
Choosing the right static analysis software requires multiple components: 1. What are my business requirements and do I have champion BUs? 2. What does your application portfolio look like (Lang. developed, Line of Code, etc.) and do we have a complete application inventory…
Over 1 year ago
Rendra, you need to ask yourself a few questions: 1. Do I know the technology stack (languages) that needs to be supported? 2. Do I have access to the Source Code, just Binaries OR Both? 3. Do I need to support SCA (FOSS)? 4. Do I need a unified Dashboard for reporting…
Over 1 year ago
@Oscar Van Der Meer Fortify SCA (Static Code Analyzer) was around way before SCA (Software Composition Analysis). There are various integrations with Software Composition Analysis (Sonatype, Black Duck, Snyk, WhiteSource, and OWASP Dependency-Check & Dependency-Track). The reason…

Projects

Over 1 year ago
Turning a major financial customer from a non-believer to the most robust customer. That customer is now a referenceable customer.

Interesting Projects and Accomplishments