Why is peer approval critical to DevSecOps success?

DevSecOps tooling can be bypassed and ignored if proper development processes are not enforced, and this is where peer approvals come in

read more

Punk Security Birthday CTF 2024

As we celebrate another year of Punk Security, we went back to the drawing board to develop some awesome new DevSecOps-themed CTF challenges.

read more

How to search organisation-wide cloudtrails with Athena

AWS Athena is the easiest way to search organisation-wide cloudtrails implemented by AWS Control Tower. In this blog, we walk you through it.

read more

Base tag HTML injection: A guide for pentesters

We’re diving deep into a lesser-discussed variant of HTML injection that isn’t very well known at all, Base Tag Injection.

read more

SQL Server Migration in More Complex Cases

Typically, a SQL Server Migration is performed fully automated via Data Migration Assistant, however, in the cases where that’s not possible, a more manual approach to migration is required.

read more

Streamline Your Tests: Mocking APIs with VCR.py

Developers typically use the unittest.mock module to patch the requests library directly, replacing real HTTP calls with mock objects. vcrpy makes it much easier.

read more