DevSecOps and SRE stories
Must-Have metrics for successful Site Reliability
An overall Site Reliability strategy should always be based on data and metrics. However having the right metrics is a key challenge to evolve services and practices internally. The rise of agile, DevOps and...
Composer – All you need to know
What is composer? Composer, created in 2012, is a dependency manager for PHP, it allows you to handle packages and their version to include in your project. You could compare it to Ruby Gem...
Build your Cyber Security Watch
For me Threat Intelligence is not only the last buzzword for security products. It also means education of the day-to-day professionals who take care of network and system. It can be related to security...
7 Tips for Continuous Application Security
Even though most of the security breaches nowadays come from applications, security is still an after thought in companies policies. Still too few resources are dedicated to improve security during the development process and...
Refactor your Team 3
This article is the follow-up to– Refactor your team Part 1– Refactor your team Part 2 Current status Here we are, in phase 3 of the team refactoring project. Following part 2, it took quite some...
Refactor your Team 2
This post follows the Refactor your Team Part 1 which I encourage you to read to understand the current situation and where we’re tending to. We continue our trek to improve practices and process of our...
Refactor your Team 1
This serie of article is on my experience as a coach in a recruiting company I joined 2 years ago, from the struggle to the solution implemented, and who knows, maybe it would give...
4 steps to improve your Web Security
I used to work as a Security Engineer in Switzerland(Lausanne) for 5 years. Part of my job was Ethical Hacking and performed pentest on various projects with a speciality on web technologies. Right now I...
Retrospective method KPT
I will present you here a method i discovered in Japan and actually never seen elsewhere back in Europe. Fortunately I’ll remediate to that and give you a quick explanation about it ! The KPT...
OWASP ASVS 3.0 CheatSheet
The primary aim of the OWASP Application Security Verification Standard (ASVS) is to normalize the range in the coverage and level of rigor available in the market when it comes to performing web application security verification. The ASVS standard provides a basis...