5d ago · 7 min read · Unit tests are good at checking whether internal logic behaves correctly. But not every risk in a web application is visible from ordinary unit tests. In the SIBANGKU project, I learned this through t
Join discussionMay 26 · 6 min read · When it comes to government-backed digital transformation, the gov.gr wallet has been one of Greece's flagship projects, allowing citizens to carry their IDs, driver's licenses, and other official doc
Join discussion
Apr 19 · 6 min read · Modern software ships fast. Security incidents ship faster. With cloud‑native apps, microservices, and open‑source everywhere, application security can no longer be an afterthought. That’s where SCA
Join discussion
Feb 12 · 8 min read · Why Traditional Security Scanning Fails Modern Teams The security landscape in 2025 differs fundamentally from even three years ago. Cloud-native applications built on Kubernetes span multiple regions and availability zones. Serverless functions exec...
Join discussionFeb 6 · 16 min read · Basic security terms for the course SAST, SCA, DAST, IAST SAST: Static Application Security Testing (Code review for your own code)-> white box testing SCA: Software Composition Analysis (Background check of external libraries you use) DAST: Dynam...
Join discussion
Nov 30, 2025 · 12 min read · TL;DR: Scanners that run automatically, findings that aggregate in one place, reports that don't make stakeholders' eyes glaze over. For small-to-medium engineering teams who need real security without hiring a dedicated AppSec team. Security scanne...
Join discussion
Nov 26, 2025 · 7 min read · APIs have become the core of modern products. They power web apps, connect microservices, and move sensitive data across systems. But as API usage grows, so do the risks. Recent industry reports show API-driven attacks rising faster than traditional ...
Join discussion
Oct 3, 2025 · 3 min read · It was a late Friday evening when the DevOps team at a fintech startup got an urgent message from the security team: “We’ve found hard-coded secrets in production code. Immediate remediation required.” The room went silent. The developers knew what...
Join discussion
Sep 22, 2025 · 2 min read · Dynamic application security testing (DAST) is the procedure of finding vulnerabilities in web applications during its production phase. It involves both automated and manual testing techniques to find weak points that hackers could exploit for their...
Join discussion
