develop.secure.software | Practical knowledge for dev and release teams

Threat Research

Go below the surface on tampering: The trouble with software integrity validation

Karlo Zanki

The growing number of software supply chain attacks is putting pressure on validation of software integrity

Threat Research

Karlo Zanki

Source code analysis is always useful. It helps you detect threats early in the dev process. But it shouldn’t be the...

Threat Research

Karlo Zanki

Here's why your software development team needs to think twice before using a powerful third-party plug-in.

Threat Research

Karlo Zanki

Python packages can contain sensitive information. Here's how software development teams can keep secrets secret.

Threat Research

Karlo Zanki

Today almost everyone knows that they need to protect their publicly exposed services and applications against the...

Threat Research

Karlo Zanki

Recognize risks introduced by statically linked third-party libraries.

Threat Research

Karlo Zanki

The growing number of software supply chain attacks is putting pressure on validation of software integrity

Threat Research

Karlo Zanki

Source code analysis is always useful. It helps you detect threats early in the dev process. But it shouldn’t be the...

Threat Research

Karlo Zanki

Here's why your software development team needs to think twice before using a powerful third-party plug-in.

Threat Research

Karlo Zanki

Python packages can contain sensitive information. Here's how software development teams can keep secrets secret.

Threat Research

Karlo Zanki

Today almost everyone knows that they need to protect their publicly exposed services and applications against the...

Threat Research

Karlo Zanki

Recognize risks introduced by statically linked third-party libraries.