Ivan PiskunovSecure SDLC (Part 2): ASOC, ASPM, DevSecOps and the AppSec futureDive dive into Secure SDLC by SecChamp, senior engineer and AppSec manager17 min read·Apr 22, 2024----
Ivan PiskunovSecure SDLC (Part 1): issues, approach, tech metrics, team’s KPIDive dive into Secure SDLC by SecChamp, senior DevSecOps engineer and AppSec manager7 min read·Apr 14, 2024----
Ivan PiskunovA little bit about Node.JS security by handsThis short doc intend provide a simple guidelines on how to secure a Node.js application.9 min read·Apr 5, 2023----
Ivan PiskunovExpress Guide Sysdig Falco — install and configSysdig Falco — a tool for detecting anomalies and monitoring system activity. It works both on the host and in containers, if required.6 min read·Jul 25, 2022----
Ivan PiskunovAPI Security ChecklistChecklist of the most important security countermeasures when designing, testing, and releasing your API.4 min read·Jul 13, 2022----
Ivan PiskunovThe security mechanisms in microservice architecturesWith the introduction of a microservice architecture, the components responsible for authorization are moved to a separate microservice…4 min read·Jul 11, 2022----
Ivan PiskunovLinux Hardening. We select tools for a comprehensive security auditIn this article, we will get acquainted with the main utilities for Linux hardening. In Russian, this is called something like “checking…14 min read·Jul 1, 2022----
Ivan PiskunovAn impenetrable DevOps cluster. Configuring and Hardening KubernetesThe most well-known tool for containerizing and automating application deployment is Docker. Known, but not the only one: it is worthy of…17 min read·Jun 27, 2022----
Ivan PiskunovWe defend the port. How to protect infrastructure on Docker with minimal effortDocker is a great thing that can save a lot of time and effort. In this article, we will talk about how to use Docker as securely as…11 min read·Jun 25, 2022----