Platform
Kondukto Platform
Overview
Automation
Vulnerability Management
Integrations
SBOM
AppSec Metrics
Integrations
Resources
Resources
Blog
Demo Videos
Customer Stories
Savings Calculator
Candyshop Devsecops
Enterprise ASPM
Developers
Change Log
Documentation
Kondukto CLI (KDT)
AppSec Maturity
AppSec Novice
AppSec Mover
AppSec Expert
Roles
CISO
AppSec
DevSecOps
Use Cases
Security KPIs
Workflow Automation
Vulnerability Management
AppSec Posture Management
Security Testing Orchestration
Company
About Us
Careers
Events
GET A DEMO
Platform
Kondukto Platform
Overview
Automation
Vulnerability Management
Integrations
SBOM
AppSec Metrics
Integrations
Resources
Resources
Blog
Demo Videos
Customer Stories
Savings Calculator
Candyshop Devsecops
Enterprise ASPM
Developers
Change Log
Documentation
Kondukto CLI (KDT)
Use Cases
Security KPIs
Workflow Automation
Vulnerability Management
AppSec Posture Management
Security Testing Orchestration
AppSec Maturity
AppSec Novice
AppSec Mover
AppSec Expert
Roles
CISO
AppSec
DevSecOps
Company
- About Us
- Careers
Events
Defensive Programming Tips-1: Bad URL Handling Patterns
Cenk Kalpakoğlu
20 Jul 2020
AppSec
//<user>:<password>@<host>:<port>/<url-path>
Get A Demo
I would like to receive email updates from Kondukto. By submitting this form you agree to the terms listed in our
Privacy Policy
and our
EULA.
Share
Building Secure by Default A Guide to 0-CVE Container Images
Koray Ağaya - 16 Apr 2025
GH Actions changed-files supply chain attack: What happened?
Cenk Kalpakoğlu - 18 Mar 2025
Customizable Roles and Permission in ASPM Platforms
Can Taylan Bilgin - 27 Feb 2025
The Advantage of Using VEX SBOMs
Ben Strozykowski - 18 Feb 2025
Generating build-time SBOMs with CycloneDX and Kondukto
Luis Pereira - 20 Jan 2025
Okta vulnerability explained (bcrypt auth bypass)
Cenk Kalpakoğlu - 05 Nov 2024
eBPF Vulnerabilities: Ecosystem and Security Model
Andreas Wiese - 31 Oct 2024
Ruby affected by CVE-2024-45409
Kondukto Security Team - 09 Oct 2024
Secure Coding
AppSec
Linux Kernel effected by CVE-2023-2163
Kondukto Security Team - 04 Oct 2024
ASPM
DevSecOps
Empowering Developers in AppSec: Scaling and Metrics
Andreas Wiese - 19 Sep 2024
DevSecOps
AppSec
ASPM
Protecting APIs of Modern Applications
Kondukto Security Team - 13 Sep 2024
DevSecOps
AppSec
Empowering Developers in AppSec: Triage and Collaboration
Andreas Wiese - 09 Sep 2024
DevSecOps
Secure Coding
AppSec
Enhancing Vulnerability Management with Threat Intelligence
Andreas Wiese - 20 Aug 2024
AppSec
Unified Vulnerability Management
Enhancing AppSec through Fuzzing in CI/CD Pipelines
Kondukto Security Team - 01 Aug 2024
Secure Coding
AppSec
Git SCM affected by CVE-2024-32002
Ali Köse - 20 Jun 2024
Unified Vulnerability Management
DevSecOps
Bring-Your-Own-Data (BYOD) to the Kondukto Platform
Cenk Kalpakoğlu - 04 Jun 2024
Google Cloud affected by CVE-2021-30476
Kondukto Security Team - 13 May 2024
DevSecOps
Unified Vulnerability Management
kntrl integrates Open Policy Agent
Cenk Kalpakoğlu - 09 May 2024
Supply Chain Security
DevSecOps
kntrl
4 Ways to Improve AppSec Accountability
Andreas Wiese - 02 May 2024
Secure Coding
SAST
AppSec
Securing CI/CD Runners through eBPF
Cenk Kalpakoğlu - 01 Apr 2024
AppSec
Supply Chain Security
kntrl
Introducing kntrl: Enhancing CI/CD Security with eBPF
Cenk Kalpakoğlu - 14 Mar 2024
kntrl
Supply Chain Security
DevSecOps
Supply Chain Security Snags
Andreas Wiese - 07 Mar 2024
Supply Chain Security
SBOM
DevSecOps
Microsoft Azure CLI affected by CVE-2022-39327
Kondukto Security Team - 28 Feb 2024
Unified Vulnerability Management
AppSec
DevSecOps
Splunk Enterprise affected by CVE-2023-40598
Kondukto Security Team - 05 Feb 2024
Unified Vulnerability Management
AppSec
DevSecOps
Running DAST in CI/CD for Regression Testing
Andreas Wiese - 23 Jan 2024
DAST
DevSecOps
AppSec
Why SBOM Matters infographic
Andreas Wiese - 15 Jan 2024
Supply Chain Security
SBOM
Create SBOM on Gradle with the CycloneDX Plugin
Alperen Örsdemir - 10 Jan 2024
ASPM
Supply Chain Security
SBOM
Enhancing Security with eBPF: Use Cases Explored
Cenk Kalpakoğlu - 28 Dec 2023
DevSecOps
Container Security
A Look into Modern Security Orchestration
Can Taylan Bilgin - 26 Dec 2023
ASPM
AppSec
DevSecOps
How Malicious Code Enters Applications
Andreas Wiese - 07 Dec 2023
Supply Chain Security
AppSec
ASPM
ASPM and Security Testing Orchestration
Can Taylan Bilgin - 28 Nov 2023
Supply Chain Security
SAST
ASPM
Container Security: A Quick Overview
Andreas Wiese - 21 Nov 2023
Container Security
DevSecOps
AppSec
Unveiling Java Library Vulnerabilities
Alperen Örsdemir - 31 Oct 2023
Supply Chain Security
AppSec
Get Management Buy-in with AppSec Metrics
Cenk Kalpakoğlu - 17 Oct 2023
Secure Coding
DevSecOps
AppSec
How to Streamline Vulnerability Management
Can Taylan Bilgin - 27 Sep 2023
ASPM
DevSecOps
AI Remediation: A massive time-saver
Cenk Kalpakoğlu - 07 Sep 2023
Machine Learning
Secure Coding
AppSec
How to Shift-Left Better with Git Hooks
Cenk Kalpakoğlu - 22 Aug 2023
DevSecOps
AppSec
A Guide to Becoming a Product Security Engineer
Cenk Kalpakoğlu - 10 Jul 2023
AppSec
Top 10 Reasons To Implement An ASPM Right Now!
Can Taylan Bilgin - 30 May 2023
DevSecOps
AppSec
Demo Hub launched for Kondukto Technology Partners
Andreas Wiese - 25 Apr 2023
Partnerships
AppSec
ASPM
Winning Management Support as an AppSec Leader
Can Taylan Bilgin - 18 Apr 2023
DevSecOps
AppSec
How To Get Developer Buy-In For AppSec Programs
Can Taylan Bilgin - 08 Mar 2023
AppSec
DevSecOps
How to integrate continuous API fuzzing into the CI/CD?
Cenk Kalpakoğlu - 17 Jan 2023
DevSecOps
AppSec
OpenAI (ChatGPT) Vulnerability Remediation Concept Work
Suphi Cankurt - 13 Dec 2022
Secure Coding
AppSec
OWASP ASVS with your security testing tools
Suphi Cankurt - 28 Nov 2022
ASVS
AppSec
Application Security Engineer: Salary, Skills, Requirements
Suphi Cankurt - 10 Oct 2022
AppSec
The Economics of ASPM
Can Taylan Bilgin - 27 Sep 2022
AppSec
Announcing Our Seed Round
Can Taylan Bilgin - 05 Sep 2022
What is Application Security Orchestration and Correlation?
Can Taylan Bilgin - 30 Aug 2022
AppSec
Dockerfile Security Best Practices with Semgrep
Cenk Kalpakoğlu - 25 Aug 2022
5 Essential Skills to Become a DevSecOps Engineer
Barış Ekin Yıldırım - 22 Jul 2022
DevSecOps
3 Ways Using ASVS Can Help Your Organization
Can Taylan Bilgin - 01 Jul 2022
ASVS
DevSecOps
AppSec
How to boost SAST performance?
Cenk Kalpakoğlu - 20 Jun 2022
SAST
DevSecOps
AppSec
Insecure Deserialization
Barış Ekin Yıldırım - 07 Jun 2022
Secure Coding
AppSec
Insecure Deserialization
How To Generate and Audit SBOM In a CI/CD Pipeline
Barış Ekin Yıldırım - 20 May 2022
Supply Chain Security
DevSecOps
SBOM
Software Bill of Materials(SBOM) 101
Barış Ekin Yıldırım - 03 May 2022
Supply Chain Security
SBOM
DevSecOps
5 Common Mistakes in DevSecOps
Cenk Kalpakoğlu - 13 Apr 2022
DevSecOps
AppSec
5 Use Cases of Kondukto CLI in CI/CD pipelines
Can Taylan Bilgin - 24 Jan 2022
DevSecOps
AppSec
Vulnerability Management In Your GitFlow
Can Taylan Bilgin - 16 Sep 2021
Secure Coding
AppSec
Security Training for Developers with Avatao
Can Taylan Bilgin - 05 Aug 2021
Secure Coding
AppSec
The Essence of DevSecOps: Aligning Multiple Teams
Can Taylan Bilgin - 01 May 2021
DevSecOps
AppSec
How to Get the Most Out of Security Training for Developers
Can Taylan Bilgin - 23 Feb 2021
Secure Coding
AppSec
Defensive Programming Tips-2: LDAP Injection
Cenk Kalpakoğlu - 21 Jan 2021
AppSec
Secure Coding
4 Key Benefits of Application Security Orchestration
Can Taylan Bilgin - 30 Sep 2020
AppSec
Cybersecurity As a Marketing Activity
Can Taylan Bilgin - 25 Aug 2020
AppSec
Software Developers : Scapegoats For Security Vulnerabilities
Can Taylan Bilgin - 18 Jun 2020
DevSecOps
5 Circular Phases of Sec in DevSecOps
Can Taylan Bilgin - 26 May 2020
DevSecOps
Keep Applications Secure While Keeping Your Distance
Can Taylan Bilgin - 08 Apr 2020
AppSec
DevOps vs DevSecOps Differences
Can Taylan Bilgin - 20 Feb 2020
DevSecOps
Secure Software Development Life Cycle: Beginners Guide
Can Taylan Bilgin - 23 Jan 2020
DevSecOps
How To Improve AppSec Posture For Starters
Can Taylan Bilgin - 29 Nov 2019
AppSec
Why Care About Application Security At All?
Can Taylan Bilgin - 14 Oct 2019
AppSec
Damage Limitation Strategies for Developers
Cenk Kalpakoğlu - 19 Sep 2019
Secure Coding
Automating Issue Assignment In Vulnerability Management
Kondukto - 01 Jul 2019
AppSec
What Is The Optimal Security Scan Time For My Applications?
Can Taylan Bilgin - 22 May 2019
AppSec
Keep An Eye On Your Remediation Performance
Can Taylan Bilgin - 11 Apr 2019
AppSec
Benefits of Using SAST And DAST In Tandem
Kondukto - 29 Jan 2019
SAST
AppSec
Why Should “Heap Inspection” Not Be Marked As False Positive?
Cenk Kalpakoğlu - 09 Nov 2018
Secure Coding
AppSec
Beginning AppSec Training Program for Developers
Cenk Kalpakoğlu - 10 Oct 2018
Secure Coding
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30)){kind=logo}
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))
:quality(30))