Veracode announces a free Community Edition of Veracode Security Labs - a platform aimed to give a comprehensive sandbox environment to research and practice static code analysis. The concept behind is pretty similar to PortSwigger Web Security Academy - another great...

It’s pretty understandable that a tech person likes hands-on work and doesn’t like any related overhead, including documentation. Similarly, penetration testers love finding vulnerabilities and much less like reporting them. However, the business value comes not from the finding itself, but from its proper communication to the client and actionable remediation measures that may help fix it. So, the report is as important as the finding, not saying that it’s, in fact, the only tangible deliverable of an application security assessment. We’d like to give you an overview of the path you have to take on your way to a mature report. We’re not yet on the peak of this mountain ourselves; however, we can see the route from where we are now. So, let’s take a look at it.

Many online services provide you various passive or active security checks. If your web site has been connected to the internet for a while, chances are quite a few analytics gathering services have already noticed it. Some of them allow you to search their pre-scanned databases, while the others let you run benign vulnerability scans. Checking your domain name against their database is a proper security check-up.

Each time after hosting a Nonamecon or OWASP Kyiv event, my mailbox is flooded by messages from people asking if we have job openings. How can one join our company? Here is my CV! And after getting a response, they ask how they can improve it.

Today we are announcing our Web Application Pentester Training course. Berezha provides Secure Development Awareness training in the corporate setting for a few years now. Today, in addition to this business product, we launch a training program that every individual could join. What is the goal, and what is the difference?

In response to the global outbreak of COVID-19 caused by the new type of coronavirus, Berezha Security switches to Work from Home mode and postpones all on-site engagements. We assure all our clients and partners that this will not affect the timeliness of project results or any other terms and agreements.

We send warm thanks to all our customers and partners: we greatly appreciate the trust you put in us and we will go on doing our best to meet your expectations! We greatly appreciate the work our team puts into the services we provide and we are proud to have every...