Blog

Get the latest insights on Application Security,
DevSecOps and vulnerability management.

Ruby affected by CVE-2024-45409

Kondukto Security Team - 09 Oct 2024
AppSec, Secure Coding
Linux Kernel affected by CVE-2023-2163

Kondukto Security Team - 04 Oct 2024
DevSecOps, ASPM
Empowering Developers in AppSec: Scaling and Metrics

Andreas Wiese - 19 Sep 2024
ASPM, AppSec, DevSecOps
Protecting APIs of Modern Applications

Kondukto Security Team - 13 Sep 2024
AppSec, DevSecOps
Empowering Developers in AppSec: Triage and Collaboration

Andreas Wiese - 09 Sep 2024
AppSec, Secure Coding, DevSecOps
Enhancing Vulnerability Management with Threat Intelligence

Andreas Wiese - 20 Aug 2024
Unified Vulnerability Management, AppSec
Enhancing AppSec through Fuzzing in CI/CD Pipelines

Kondukto Security Team - 01 Aug 2024
AppSec, Secure Coding
Git SCM affected by CVE-2024-32002

Ali Köse - 20 Jun 2024
DevSecOps, Unified Vulnerability Management
Google Cloud affected by CVE-2021-30476

Kondukto Security Team - 13 May 2024
Unified Vulnerability Management, DevSecOps
kntrl integrates Open Policy Agent

Cenk Kalpakoğlu - 09 May 2024
kntrl, DevSecOps, Supply Chain Security
4 Ways to Improve AppSec Accountability

Andreas Wiese - 02 May 2024
AppSec, SAST, Secure Coding
Securing CI/CD Runners through eBPF

Cenk Kalpakoğlu - 01 Apr 2024
kntrl, Supply Chain Security, AppSec
Introducing kntrl: Enhancing CI/CD Security with eBPF

Cenk Kalpakoğlu - 14 Mar 2024
DevSecOps, Supply Chain Security, kntrl
Supply Chain Security Snags

Andreas Wiese - 07 Mar 2024
DevSecOps, SBOM, Supply Chain Security
Microsoft Azure CLI affected by CVE-2022-39327

Kondukto Security Team - 28 Feb 2024
DevSecOps, AppSec, Unified Vulnerability Management
Splunk Enterprise affected by CVE-2023-40598

Kondukto Security Team - 05 Feb 2024
DevSecOps, AppSec, Unified Vulnerability Management
Running DAST in CI/CD for Regression Testing

Andreas Wiese - 23 Jan 2024
AppSec, DevSecOps, DAST
Why SBOM Matters infographic

Andreas Wiese - 15 Jan 2024
SBOM, Supply Chain Security
Create SBOM on Gradle with the CycloneDX Plugin

Alperen Örsdemir - 10 Jan 2024
SBOM, Supply Chain Security, ASPM
Enhancing Security with eBPF: Use Cases Explored

Cenk Kalpakoğlu - 28 Dec 2023
Container Security, DevSecOps
A Look into Modern Security Orchestration

Can Taylan Bilgin - 26 Dec 2023
DevSecOps, AppSec, ASPM
How Malicious Code Enters Applications

Andreas Wiese - 07 Dec 2023
ASPM, AppSec, Supply Chain Security
ASPM and Security Testing Orchestration

Can Taylan Bilgin - 28 Nov 2023
ASPM, SAST, Supply Chain Security
Container Security: A Quick Overview

Andreas Wiese - 21 Nov 2023
Container Security, AppSec, DevSecOps
Unveiling Java Library Vulnerabilities

Alperen Örsdemir - 31 Oct 2023
Supply Chain Security, AppSec
Get Management Buy-in with AppSec Metrics

Cenk Kalpakoğlu - 17 Oct 2023
AppSec, DevSecOps, Secure Coding
How to Streamline Vulnerability Management

Can Taylan Bilgin - 27 Sep 2023
DevSecOps, ASPM
AI Remediation: A massive time-saver

Cenk Kalpakoğlu - 07 Sep 2023
AppSec, Secure Coding, Machine Learning
How to Shift-Left Better with Git Hooks

Cenk Kalpakoğlu - 22 Aug 2023
AppSec, DevSecOps
A Guide to Becoming a Product Security Engineer

Cenk Kalpakoğlu - 10 Jul 2023
AppSec
Top 10 Reasons To Implement An ASPM Right Now!

Can Taylan Bilgin - 30 May 2023
AppSec, DevSecOps
Demo Hub launched for Kondukto Technology Partners

Andreas Wiese - 25 Apr 2023
ASPM, AppSec, Partnerships
Winning Management Support as an AppSec Leader

Can Taylan Bilgin - 18 Apr 2023
AppSec, DevSecOps
How To Get Developer Buy-In For AppSec Programs

Can Taylan Bilgin - 08 Mar 2023
DevSecOps, AppSec
How to integrate continuous API fuzzing into the CI/CD?

Cenk Kalpakoğlu - 17 Jan 2023
AppSec, DevSecOps
OpenAI (ChatGPT) Vulnerability Remediation Concept Work

Suphi Cankurt - 13 Dec 2022
AppSec, Secure Coding
OWASP ASVS with your security testing tools

Suphi Cankurt - 28 Nov 2022
AppSec, ASVS
The Economics of ASPM

Can Taylan Bilgin - 27 Sep 2022
AppSec
Announcing Our Seed Round

Can Taylan Bilgin - 05 Sep 2022
5 Essential Skills to Become a DevSecOps Engineer

Barış Ekin Yıldırım - 22 Jul 2022
DevSecOps
3 Ways Using ASVS Can Help Your Organization

Can Taylan Bilgin - 01 Jul 2022
AppSec, DevSecOps, ASVS
How to boost SAST performance?

Cenk Kalpakoğlu - 20 Jun 2022
AppSec, DevSecOps, SAST
Insecure Deserialization

Barış Ekin Yıldırım - 07 Jun 2022
Insecure Deserialization, AppSec, Secure Coding
How To Generate and Audit SBOM In a CI/CD Pipeline

Barış Ekin Yıldırım - 20 May 2022
SBOM, DevSecOps, Supply Chain Security
Software Bill of Materials (SBOM) 101

Barış Ekin Yıldırım - 03 May 2022
DevSecOps, SBOM, Supply Chain Security
5 Common Mistakes in DevSecOps

Cenk Kalpakoğlu - 13 Apr 2022
DevSecOps, AppSec
5 Use Cases of Kondukto CLI in CI/CD pipelines

Can Taylan Bilgin - 24 Jan 2022
AppSec, DevSecOps
Vulnerability Management In Your GitFlow

Can Taylan Bilgin - 16 Sep 2021
AppSec, Secure Coding
Security Training for Developers with Avatao

Can Taylan Bilgin - 05 Aug 2021
AppSec, Secure Coding
The Essence of DevSecOps: Aligning Multiple Teams

Can Taylan Bilgin - 01 May 2021
AppSec, DevSecOps
How to Get the Most Out of Security Training for Developers

Can Taylan Bilgin - 23 Feb 2021
AppSec, Secure Coding
Defensive Programming Tips-2: LDAP Injection

Cenk Kalpakoğlu - 21 Jan 2021
Secure Coding, AppSec
4 Key Benefits of Application Security Orchestration

Can Taylan Bilgin - 30 Sep 2020
AppSec
Cybersecurity As a Marketing Activity

Can Taylan Bilgin - 25 Aug 2020
AppSec
5 Circular Phases of Sec in DevSecOps

Can Taylan Bilgin - 26 May 2020
DevSecOps
Keep Applications Secure While Keeping Your Distance

Can Taylan Bilgin - 08 Apr 2020
AppSec
DevOps vs DevSecOps Differences

Can Taylan Bilgin - 20 Feb 2020
DevSecOps
Secure Software Development Life Cycle: Beginners Guide

Can Taylan Bilgin - 23 Jan 2020
DevSecOps
How To Improve AppSec Posture For Starters

Can Taylan Bilgin - 29 Nov 2019
AppSec
Why Care About Application Security At All?

Can Taylan Bilgin - 14 Oct 2019
AppSec
Damage Limitation Strategies for Developers

Cenk Kalpakoğlu - 19 Sep 2019
Secure Coding
Keep An Eye On Your Remediation Performance

Can Taylan Bilgin - 11 Apr 2019
AppSec
Benefits of Using SAST And DAST In Tandem

Kondukto - 29 Jan 2019
AppSec, SAST
Why Should “Heap Inspection” Not Be Marked As False Positive?

Cenk Kalpakoğlu - 09 Nov 2018
AppSec, Secure Coding
Beginning AppSec Training Program for Developers

Cenk Kalpakoğlu - 10 Oct 2018
Secure Coding