Posts tagged “api security”



December 22, 2021, 12:00am

What is "Stored" Log4Shell ?

Alban Diquet
By Alban Diquet

Data Theorem

What is “Stored Log4Shell” and how is it different than the regular Log4Shell issue?



October 16, 2020, 12:00pm

Securing the CI/CD pipeline in Pre-Production

Himanshu Dwivedi
By Himanshu Dwivedi

Data Theorem

A CI/CD pipeline automates your software delivery process. The pipeline builds code, runs tests (CI), and safely deploys a new version of the application (CD).

Automated pipelines remove manual errors, provide standardized feedback loops to developers, and enable fast product iterations to keep up with the modern pace of software development. This blog provides steps to automatically begin this in pre-production releases.



September 17, 2020, 3:00pm

Why Are APIs Important?

Felicia Haggarty
By Felicia Haggarty

Data Theorem

Before approaching API security, the biggest question we need to ask ourselves is “What is our process for discovering new or changed APIs or microservices? Can we comfortably say we know where all our APIs are?



October 31, 2019, 11:00am

Lessons From the Trenches: Mobile AppSec Program

Felicia Haggarty
By Felicia Haggarty

Data Theorem

When beginning a mobile appsec program, there are several metrics you establish to define success in the first six months, one year and beyond. What is less mentioned is the human element to creating a successful program and changing the internal security and devops culture on the road to a devsecops approach.

This customer would like to remain anonymous, but shares valuable tips for how they approached their appsec program in a large company, with a large number of apps available to their customers, and many teams that have to interact in order to achieve 100% Data Theorem protection.



August 30, 2019, 9:30am

Serverless versus Containers: A Real-World Case Study of Building a Microservice

Alban Diquet
By Alban Diquet

Data Theorem

We determined that the best way to confirm or refute conventional wisdom was to put both serverless and container architectures to a head-to-head test.

In this blog, we'll present the results of this Serverless VS Containers experimentation. You will get an overview of what we discovered in terms of benefits and downsides of each technology, and how to deploy, use, and secure them in the context of a "real-world" application.



Security for DevOps: Enterprise Survey Report

ESG Analyst Report

ESG surveyed 371 IT and cybersecurity professionals with responsibility for cloud programs to weigh in on security.