better appsec @betterappsec
Application, Cloud, Product, & AI Security driven content and expertise for your pursuit of better. Created by @jameschiapet betterappsec.com Joined April 2021
Tweets: 61
Followers: 97
Following: 89
Likes: 35
Want to cut risk, win over Developers, and finally prove AppSec’s value? Check out this post to see how the "one vulnerability at a time" campaign model can help. betterappsec.com/one-vulnerabil… #cybersecurity #applicationsecurity #appsec #artificialintelligence #SoftwareEngineering
Here is our take on how AI and LLMs are changing Application Security (AppSec) products, such as SAST and DAST, for the better. betterappsec.com/the-future-of-… #applicationsecurity #appsec #cybersecurity #LLMs #ArtificialIntelligence #Software
Our new post tries to unravel the App & Cloud Security product market with support from the community. betterappsec.com/making-sense-o… #applicationsecurity #appsec #cybersecurity #ai #cloudsec #cloudsecurity
A look at how Artificial Intelligence (AI) products and features are driving scale for both Application Security (AppSec) and broader Cyber teams. betterappsec.com/how-ai-is-help… #appsec #applicationsecurity #cybersecurity #ai #artificialintelligence
Keshav Malik takes you through how JWTs are used in modern web applications! #appsec #applicationsecurity #jwt #authentication #softwaredevelopment #oauth2 #cybersecurity betterappsec.com/json-web-token…
Without data, many companies would be irrelevant. It’s their ticket to success and protecting it in the cloud should be a first order problem. betterappsec.com/how-to-build-a… #cloudsecurity #applicationsecurity #CyberSecurity #aws #informationsecurity
Vulnerability Elimination is a process that requires patience and consistent effort. This post could hopefully help you in your journey. betterappsec.com/mastering-vuln… #applicationsecurity #appsec #cloudsecurity #cybersecurity #sdlc #softwaredevelopment #securityoperations
Here is our take on how Gen AI tools can start to help scale Application Security's code analysis and threat modeling workflows. betterappsec.com/how-automated-… #applicationsecurity #appsec #artificialintelligence #sdlc #cybersecurity #cloudsecurity #cloudsec #Software
Thanks for all the kind messages about github.com/crashappsec/ch… this week. Lovely to hear such positive feedback about what we have done so far and plan to do in the future. Happy Friday!
✏️ Announcing: Chalk A new OSS tool that aims to make it easy to trace apps from source code to production It can be used for SBOMs, code provenance, to be SLSA level 2 compliant, to create a real-time application inventory, and more By @crashappsec crashoverride.com/blog/chalk-is-…
A lot of collaboration went into this, and we hope it serves as an intro to our journey of using AI tools to further scale cybersecurity. #CyberSecurity #applicationsecurity #cloudsecurity #ArtificialIntelligence #SoftwareEngineering betterappsec.com/an-ai-primer-f…
Technical Program Management (TPM) is key to a mature Application and Cloud Security program. It paves the way for secure-by-design operational efficiency. betterappsec.com/expedite-innov… #cybersecurity #applicationsecurity #cloudsecurity #leadership #appsec #cloudsec
Today, I came across an interesting article that describes the best practices for organizational units when using AWS Organizations. The article proposes recommended foundational OUs, which I have summarised at cloudsecdocs.com/aws/services/i…
A guide to structuring a secure code review process and why it’s important for every Application & Cloud Security team to have one. betterappsec.com/building-a-pra… #applicationsecurity #cloudsecurity #cybersecurity #appsec #cloudsec #softwaredevelopment #sdlc
💪 How to Achieve Application & Cloud Security Resilience * Security scanning types * Where to perform comprehensive vs targeted scans * Building a high quality detection set * The art of root cause analysis * Useful metrics By @jameschiapet #appsec betterappsec.com/how-to-scale-a…
A guide to building a truly resilient Application and Cloud Security program through automation and data. betterappsec.com/how-to-scale-a… #cloudsecurity #automation #cybersecurity #applicationsecurity #appsec #cloudsec
🗒️ A Dive Into Web Application Authentication @jameschiapet discusses: * The difference between authentication and authorization * Why we need MFA * How "sign in with" works * SSO * Passwordless authentication * API authentication * Deep links betterappsec.com/a-medium-dive-…
When assessing web applications, ask: 1. How is CSRF implemented? 2. Is caching implemented? 3. How is info passed between various parts of the system? 4. How do all the pieces of authentication work? 5. Is there documentation? #bugbounty #bugbountytips
A dive into web authentication: betterappsec.com/a-medium-dive-… Thanks to all that helped with this as it was a team effort. #appsec #applicationsecurity #cybersecurity #devops
If you are looking for ideas on how to effectively identify, remediate and eliminate Authorization vulnerabilities at scale in your org, consider reading this guide where I walk through an example scenario and some SAST rules - anshumanbhartiya.com/posts/detect-a… #appsec #prodsec #security

Prasanna Karthikeyan @darkvicinity
117 Followers 156 Following Options Trader | Cybersecurity Engineer. Interests :: Boxing | Movies | Books | Politics
Natalia Kazankova @speaktoyoulater
7 Followers 31 Following
r3f4ct0r @r3f4ct0r
72 Followers 268 Following Cybersecurity Professional, Developer, Technology Evangelist | CISSP, CSSLP, CCSP, HCISPP, CISM | #infosec #appsec #api
A @appsecmonitor
4 Followers 484 Following
Vinay Kumar @vinkrp
84 Followers 679 Following Open-source code is the operating system of civilization | AppSec Founder | Stealth Startup
FishHead @RootMePLS
155 Followers 762 Following - CIO - Infrastructure overlord - Hiker and ultra runner
amrAx @AmrMalakX
213 Followers 3K Following Appsec & Software engineer who knows a thing or two. Or maybe three. Probably two.
KIRTAN PATEL @kirtan_patel24
136 Followers 508 Following Just getting started with cyber security and investments. Grad student in security @CMU | Ex SDE1 @Amazon
Paul Bleicher @Paul_Bleicher
482 Followers 799 Following Building @KonvuInc | 😍 DevTools, security, 🧀 , ☕ and 🍷 | Prev @SqreenIO @Athenian
Aikido Security @AikidoSecurity
3K Followers 1K Following secure everything you build, host, and run with aikido get devs back to building.
Roland Emmanuel Salun... @RESalunga
90 Followers 171 Following Security Engineer | Former SWE w/ 10 YoE | Tweets are my own | Interested in: #AppSec #DevSecOps #CloudSec #InfoSec #Pentest
lk @byc_io
22 Followers 2K Following
Igor Venturelli @igventurelli
23 Followers 120 Following The guy who is building https://t.co/g3NvWGsUO6 - a chrome extension that solves online multiple choice questions without leaving the page
Adimar @Bezosis169427
659 Followers 3K Following 🏴Ni dieu, ni maître🏴 -Powered by creatine -Once striked by lightning ⚡ -unvaxxed
Ryan Brown @rmbrown4101990
0 Followers 47 Following Application Security evangelist but new to twitter
CtrlShiftSec @CtrlShiftSec
2 Followers 27 Following 🔍💡 Martins' tech & security insights. Navigating cyber-safety with clarity. #CyberSec #InfoSec
Jon Chittenden @loljawn
58 Followers 87 Following
Amit Chita @amit_chita
135 Followers 264 Following Co-Founder of Atom Security - acquired by https://t.co/RFjYSkLfDK
Shreyans Kumar Jain @shreyansjain33
164 Followers 1K Following InfoSec_Dance_Tech. Tweets are personal.
Sandesh Anand @JubbaOnJeans
2K Followers 542 Following Building https://t.co/57VM8r27MM Idly-Dose fan. InfoSec. Journalism. Tech. Cricket. Bangalore. Birding. Ex Razorpay . Ex Cigital/Synopsys
AppSec Village @AppSec_Village
11K Followers 6K Following AppSec Village @DEFCON & @RSAConference A volunteer-run, non-profit focused on education, awareness, and community. Founded by @erezyalon and @tzionit411.
sajj @QiasSajad
0 Followers 1K Following
Dileep Dasari @ajnathe3rd
30 Followers 229 Following
Curtis @ccastrapel
345 Followers 2K Following Founder of Noq Software, open sourced https://t.co/gY1CA0vkba, fighting the good fight with cloud complexity. When I'm not doing that, you can find me hanging ten 🤙
Daniel S. @foyde
230 Followers 391 Following Arstotzko. De la misma Gennistora. Botarate en la planta de oportunidades. Superheterodino
Ikiugu @vikiugu
174 Followers 2K Following
Mend.io @Mend_io
11K Followers 3K Following The #AppSec provider of choice for six out of 10 of the world’s most demanding software developers.
Ayoub ELMOKHTAR @aessadek
1K Followers 434 Following I strive to impress myself - senior offsec engineering / redteam at @Noon - opinions are my own
cjbischoff @cjbischoff
75 Followers 968 Following Professional water slide tester (creativity lazy- pragmatic - slight misanthrope)
Harris Tweeter @harris0tweeter
0 Followers 14 Following
Munish Kharb @cipher_420
75 Followers 755 Following Security Engineer, father 👧, Trying to learn some new stuff and unlearn lot of things.
Nimay Parekh @nimayx
9K Followers 3K Following Cyber + AI Founder & Executive | @GV, @Sequoia, @Blackstone, @Softbank, @Insightpartners Operator | @TEDx Speaker, @INSEAD MBA, @Forbes Council, @WhiteHouse PIF
Mixeway @Mixeway1
340 Followers 2K Following Mixeway is OpenSource Vulnerability Scanner automation tool meant to make (Sec) inside DevSecOps easier #DevSecOps #DevSec #CICD #SecurityAutomation
Dharmendra Gupta @ItsDg4u
68 Followers 381 Following Security Professional | Trainer | Crew @Cloudvillage_dc | Always a Learner
SriLakshmi @L0xm1_07
275 Followers 727 Following Security @_groww || Web Security Researcher || CTF's with @teambi0s and @teamshakti06
Paul Bleicher @Paul_Bleicher
482 Followers 799 Following Building @KonvuInc | 😍 DevTools, security, 🧀 , ☕ and 🍷 | Prev @SqreenIO @Athenian
Proton Mail @ProtonMail
67K Followers 28 Following The world's largest secure & private email provider. Swiss-based, end-to-end encrypted, and free. Brought to you by the scientists behind @ProtonPrivacy.
Aikido Security @AikidoSecurity
3K Followers 1K Following secure everything you build, host, and run with aikido get devs back to building.
ᴅᴀɴɪᴇʟ ᴍɪ... @DanielMiessler
148K Followers 970 Following Building AI that upgrades humans and organizations. ʜᴜᴍᴀɴ 𝟤.𝟢 🟩🟩⬛️⬛️⬛️⬛️ ʜᴜᴍᴀɴ 𝟥.𝟢
Proton @ProtonPrivacy
333K Followers 465 Following A better internet starts with privacy. Stay in control with e2e encrypted email, drive, docs, password mng, AI, & VPN. 🫶 Help @ProtonSupport 🐈⬛ New @asklumo
AWS Security @AWSSecurityInfo
62K Followers 157 Following The official Twitter profile for AWS Security. Infrastructure and services to elevate your security in the cloud
Cloudflare @Cloudflare
229K Followers 5K Following Cloudflare is the world’s leading #ConnectivityCloud, and we have our eyes set on an ambitious goal — to help build a #BetterInternet.
LastPass @LastPass
47K Followers 1K Following LastPass is a leading identity and password manager, making it easier to log in to life and work.
Bitwarden @Bitwarden
115K Followers 166 Following Bitwarden equips enterprises and individuals with trusted security solutions for passwords, secrets, and passkey management.
1Password @1Password
141K Followers 19 Following The best way to keep you, your family, and business safe online. Go ahead. Forget your passwords. | Customer Support 👉 https://t.co/pSnf9gdlos
AppSec Village @AppSec_Village
11K Followers 6K Following AppSec Village @DEFCON & @RSAConference A volunteer-run, non-profit focused on education, awareness, and community. Founded by @erezyalon and @tzionit411.
SANS Institute @SANSInstitute
191K Followers 417 Following SANS is the most trusted and by far the largest source for information & cyber security training, certification and research in the world.
Dark Reading @DarkReading
342K Followers 48 Following One of the most widely read and trusted cybersecurity news sites, providing IT security professionals informed insights into the latest news and trends.
CSOonline @CSOonline
63K Followers 767 Following CSO serves enterprise security decision-makers and users with the critical information they need to stay ahead of growing threats & defend against cyberattacks.
Infosecurity Magazine @InfosecurityMag
242K Followers 869 Following The only magazine dedicated to the strategy and technology of information security, delivering critical business and technical information for IT professionals.
Dazz @Dazz_io
185 Followers 125 Following We help security and engineering teams accelerate remediation and reduce risk.
Qwiet AI @QwietAI
403 Followers 29 Following The AI powered AppSec platform that your developers will love
ShiftLeft @ShiftLeftInc
1K Followers 223 Following ShiftLeft is now @QwietAI! Learn more about the new preZero platform, driven by a powerful AI engine.
Stuart McClure @stuartmcclure
2K Followers 82 Following 30+ years in security and technology including former Founder/CEO Cylance, Global CTO for McAfee/Intel, Founder Foundstone, Founding author Hacking Exposed.
Lacework @Lacework
19K Followers 568 Following Lacework is now a part of @Fortinet. Follow us there for the latest product news!
Palo Alto Networks @PaloAltoNtwks
128K Followers 466 Following Our Mission: Cybersecurity partner of choice, protecting our digital way of life.
Curtis @ccastrapel
345 Followers 2K Following Founder of Noq Software, open sourced https://t.co/gY1CA0vkba, fighting the good fight with cloud complexity. When I'm not doing that, you can find me hanging ten 🤙
OWASP® Foundation @owasp
213K Followers 532 Following We improve the security of apps with community-led open source projects, 260 local chapters, and tens of thousands of members worldwide. Famous for OWASP Top 10
John Viega @viega
2K Followers 304 Following CEO of Crash Override. GCM-AES. Gnu Mailman. Building Secure Software, OpenSSL book, ...
Crash Override @crashappsec
3K Followers 229 Following Automate total visibility across your software delivery pipeline
Anshuman Bhartiya @anshuman_bh
5K Followers 3K Following I love Security, Automation, Innovation, Challenges and Changes. My opinions here, not my employers. https://t.co/MrnjVztqTu
Ayman Elsawah ☕👋... @coffeewithayman
2K Followers 3K Following Head of Security | Coffee Nerd | 🎙️✍🏼
NCC Group Research & ... @NCCGroupInfosec
20K Followers 2K Following Technical account for global cyber security & resilience provider, NCC Group. This account is run alongside the @NCCGroupplc corporate account.
KJC @zdkano
165 Followers 471 Following Head of Application Security || Mainly AppSec...cars, bikes and CrossFit are fun too! || Prolific retweeter!
Evan Helbig @evan_helbig
5 Followers 58 Following Building and protecting the world through application security
Marco Lancini @lancinimarco
6K Followers 371 Following 💼 Principal Security Engineer 💬 I tweet about Cloud Security and technical leadership ✍🏻 Subscribe to https://t.co/MR69KiF8RH 📚 https://t.co/TrQKzxfnYg is out now!
Threatpost @threatpost
212K Followers 6K Following Threatpost is the first stop for fast-breaking security news, conversations and analysis from around the world.
TechTarget News @TechTargetNews
33K Followers 1K Following Sharing the latest tech news, tips and in-depth insights, covering AI, cloud, cybersecurity, DevOps and more from the Editorial team at @InformaTTGT!
Metasploit Project @metasploit
253K Followers 185 Following Official account of the Metasploit Project, part of the @rapid7 family. Mastodon: @[email protected] Slack: https://t.co/ZOLPDG2O2s
Black Duck @BlackDuck_SW
36K Followers 20K Following True Scale Application Security — Uncompromised trust in software for the regulated, AI-powered world
François Proulx @francoisproulx
499 Followers 404 Following Senior Product Security Expert at https://t.co/W9ORax2pW6
Magno Logan @magnologan
3K Followers 4K Following Application Security Specialist. Secure Coding and DevSecOps Instructor. Promoted == Blocked!
Makai McClintock @MakaiMcclintock
15 Followers 42 Following Helping Companies Automate AppSec 💻 Leveraging Crowdsourced Vulns from Elite Ethical Hackers 💪
Luke Young @TheBoredEng
2K Followers 441 Following I find bugs and exploit them. Sometimes for money, mainly for free T-Shirts.
John Villamil @day6reak
718 Followers 308 Following
The Daily Swig @DailySwig
11K Followers 393 Following Web security news and views. The latest on bug bounty programs, technical research, hacking tools, and more. DMs open for tips.
PortSwigger Research @PortSwiggerRes
111K Followers 7 Following Web security research from the team at @PortSwigger
Cobalt @cobalt_io
9K Followers 562 Following Offensive security testing for security and development teams.