Ivan PiskunovSecure SDLC (Part 2): ASOC, ASPM, DevSecOps and the AppSec futureDive dive into Secure SDLC by SecChamp, senior engineer and AppSec managerApr 22Apr 22
Ivan PiskunovSecure SDLC (Part 1): issues, approach, tech metrics, team’s KPIDive dive into Secure SDLC by SecChamp, senior DevSecOps engineer and AppSec managerApr 14Apr 14
Ivan PiskunovA little bit about Node.JS security by handsThis short doc intend provide a simple guidelines on how to secure a Node.js application.Apr 5, 2023Apr 5, 2023
Ivan PiskunovExpress Guide Sysdig Falco — install and configSysdig Falco — a tool for detecting anomalies and monitoring system activity. It works both on the host and in containers, if required.Jul 25, 2022Jul 25, 2022
Ivan PiskunovAPI Security ChecklistChecklist of the most important security countermeasures when designing, testing, and releasing your API.Jul 13, 2022Jul 13, 2022
Ivan PiskunovThe security mechanisms in microservice architecturesWith the introduction of a microservice architecture, the components responsible for authorization are moved to a separate microservice…Jul 11, 2022Jul 11, 2022
Ivan PiskunovLinux Hardening. We select tools for a comprehensive security auditIn this article, we will get acquainted with the main utilities for Linux hardening. In Russian, this is called something like “checking…Jul 1, 2022Jul 1, 2022
Ivan PiskunovAn impenetrable DevOps cluster. Configuring and Hardening KubernetesThe most well-known tool for containerizing and automating application deployment is Docker. Known, but not the only one: it is worthy of…Jun 27, 2022Jun 27, 2022
Ivan PiskunovWe defend the port. How to protect infrastructure on Docker with minimal effortDocker is a great thing that can save a lot of time and effort. In this article, we will talk about how to use Docker as securely as…Jun 25, 2022Jun 25, 2022