DevSecOps and SRE stories
An overall Site Reliability strategy should always be based on data and metrics. However having the right metrics is a key challenge to evolve services and practices internally. The rise of agile, DevOps and...
What is composer? Composer, created in 2012, is a dependency manager for PHP, it allows you to handle packages and their version to include in your project. You could compare it to Ruby Gem...
For me Threat Intelligence is not only the last buzzword for security products. It also means education of the day-to-day professionals who take care of network and system. It can be related to security...
Even though most of the security breaches nowadays come from applications, security is still an after thought in companies policies. Still too few resources are dedicated to improve security during the development process and...
This article is the follow-up to– Refactor your team Part 1– Refactor your team Part 2 Current status Here we are, in phase 3 of the team refactoring project. Following part 2, it took quite some...
This post follows the Refactor your Team Part 1 which I encourage you to read to understand the current situation and where we’re tending to. We continue our trek to improve practices and process of our...
This serie of article is on my experience as a coach in a recruiting company I joined 2 years ago, from the struggle to the solution implemented, and who knows, maybe it would give...
I used to work as a Security Engineer in Switzerland(Lausanne) for 5 years. Part of my job was Ethical Hacking and performed pentest on various projects with a speciality on web technologies. Right now I...
I will present you here a method i discovered in Japan and actually never seen elsewhere back in Europe. Fortunately I’ll remediate to that and give you a quick explanation about it ! The KPT...
The primary aim of the OWASP Application Security Verification Standard (ASVS) is to normalize the range in the coverage and level of rigor available in the market when it comes to performing web application security verification. The ASVS standard provides a basis...
I created my first dynamic website when I was 14 years old using PHP4. It was my first programming language (besides HTML4) and I remember the feeling that I could do anything I wanted. At...