Category: Software Security
-
The Wrong Path to Security
Running in Circles: You are lost in a security rabbit hole, and you are not getting any closer to being secure. You think you are making progress, but you are not. You keep investing in products and services, yet your risk remains the same. The reason is simple: you are taking the entirely wrong route.…
-

The Compliance Misinterpreted!
When “Check-the-Box” Fails: Most companies today live in a dream world. They think that passing an audit or getting a certification means their software is secure. It does not. Regulatory compliance is not security, it is just paperwork. If your software is built on a foundation of neglect, it is already waiting to be exploited.…
-
The Panacea Illusion
The new obsession: This feels like the beginning of a new religion. ChatGPT arrives, and suddenly everyone believes they’ve found the cure for everything. Every question, every confusion, every gap in understanding, now delegated to a chatbot. The same pattern repeats: a new tool, a new promise, a new exhaustion. People forget that every tool…
-
Relying on SAST/DAST
Relying on DAST/SAST is like investing in a restaurant where the chef needs to be reminded how to safely handle a knife. No surprise that software developers have been dragging computer end users into the current situation, where software products are no longer reliable or are packed with vulnerabilities. I have mentioned before that I believe the…
-
Software is the root cause of all insecurities
Software is the core of any computerized system, and it is the most effective way of introducing insecurities to cyberspace with all its entities. Eliminate fancy tools like synthesizers if you want your child to be a musician. The root cause of all security vulnerabilities (mainly) resides with the software, the foundation of all computer systems, where…
-
Does Cloud Guarantee Security?
There is a wrong perception of Cloud security among consumers of Cloud solutions and platforms. Actually, classic Clouds are more insecure than traditional computing, even though it is set in stone for most people, even many “IT professionals”, that Cloud computing is natively more secure, or that by default it is at least more secure…
-
Penetration Testing vs. Secure Code Review
What is the best way to make sure a software product is secure? The easiest way is to roll it out to the market, see what happens and hope everything goes well… no kidding, that is what most software developers do! Let’s forget about what the majority of the software community does and see what…
-
are we still coding, or just copy‑pasting?
this generation of developers has access to more tools than any other time in history. stackoverflow, github issues, reddit, dev.to, kite, tabnine, intellicode… the list keeps growing. and with every new “assistant,” we get further away from the one thing that actually matters in software development: originality. but let’s be honest — the problem is…
-
5 Signs Your Code is Insecure
If you believe a final penetration test is the gatekeeper of your security, you are already behind. Security is not an event that happens at the end of a sprint; it is an architectural decision made at the first line of code. If your process lacks a framework before the test, your “secure” code is…
-
Commitment: The Sole Reason Behind Hackers’ Supremacy
Would you put more complex firewall rules in place when internal nodes are vulnerable due to an insecure initial default setup, or set up numerous security tools while setting up more and more insecure nodes at the same time?!