appsconsultant.com

appsconsultant.com

  • Home
  • About
      • About us

        Flexibility is the biggest selling point that we have over our larger rivals. We give our clients the freedom needed to thrive in today’s fast-paced business world, organisations say to us that they often see higher quality work from independent consultants like us, this reason is the primary motivator when choosing us over a big firm. This means that we have the same skills and experience as the big firms, with added freedom and flexibility to let us focus and resolve client requirements.

      • Latest news
        Be a leader who leads with HEART

        Great leaders know how to blend the analytical with the emotional. That doesn't make you a softie. Just the opposite. Some tips

        H: Humility

        E: Excellence

        A: Authentic

        R: Reliable

        T: Trust

         

        More tips for online meetings

        Say 'Thank you' and 'Please'

        Do not Respond to Negativity

        Do not nitpick

        Talk less but say more

        Listen without interrupting

         

         

         

         

        10 Disruptive ideas in 2021-2022

         

        BIG DISRUPTIVE IDEAS 2021-2022

        1 - Deep Learning (AI)

        2 - Virtual Worlds (Gaming and AR/VR)

        3 - Digital Wallets

        4 - Bitcoin Fundamentals

        5 - Electric Vehicles (EVs)

        6 - Online Web and Biometric Security

        7 - Autonomous Ride-Hailing

        8 - Delivery Drones

        9 - Orbital Aerospace

        10 - Home 3D Printing

        Happiness hacks

         

         

      • What we offer

        Business & Technology Consulting

        We offer clients specialised consulting in areas that we deeply understand. Our services include:

        • - Skills To Envision, Design And Develop Enterprise Apps
        • - Talent For SaaS/PaaS/IaaS In The Cloud
        • - API Architecture
        • - Data Science Talent
        • - ALM deployments – Agile/Devops
        Read more
  • Services
  • Blog
  • Contact
  • Home | 
  • Blog | 
  • Reinforce application security developed on AWS/ Azure - Options

Reinforce application security developed on AWS/ Azure - Options

by Alex Antonatos
on 23 April 2019

Most corporations are adopting a DevSecOps approach - by maximising automation and trying to reduce manual intervention as much as possible.

In continuous delivery environment , most companies dont have the resources and probably not possible to have a team out of project to proceed with security test in a continuous delivery approach.

 

When looking for a solution , here are the requirements that you should focus on :

 

Detection of application code vulnerabilities:

  1. Cover the entire application
  2. Be able to set security rules
  3. Ability to perform incremental scans
  4. Acceptable false positive rate
  5. Detection must not impact application performance
  6. anonymization of the name of the applications for the vulnerabilities reported

Automation of detection:

  1.   Integration with Continuous delivery platforms (example: Concourse, Jenkins)
  2.   Build in case of discovery of vulnerabilities

Reporting:

  1.   Integrate with bug management tools
  2.   Raising indicators specific to each application in a portal

Dont build i think its a mistake, the market is moving towards solutions that are SaaS and most of these companies are building a blackbox type of security solution, buy a market solution and integrate it

here is a starter list:

1) Veracode https://www.veracode.com/

2) Checkmarx https://www.checkmarx.com/

3) IBM AppScan Entreprise https://www.ibm.com/security/solutions

4) Contrast Security Assess https://www.contrastsecurity.com/interactive-application-security-testing-iast 

 

 

 

 

 

 

 

 

 

 

Categories
  • Blogue (Francais)
  • Enterprise applications
2305 Rockland Rd Mount Royal, QC H3P 3E9
514-240-40907 Days a week from 9:00 am to 7:00 pm
alex@appsconsultant.com
appsconsultant.com © 2021. Privacy Policy
Login
 Facebook  Google

username / password