Berezha Security Blog
OWASP is the best-known global non-commercial organization dealing with software security. It was established in 2001 and has been publishing its famous application security risks rating – the OWASP Top 10 – since 2003. Do you feel like Berezha Security has a strong connection with OWASP? That’s correct, and here’s why.
An experienced CISO knows that, when talking about a security breach, the question starts not with “If…” but with “When…”. Indeed, it’s predicted that in 2021 every 11 seconds some company in the world will be hacked, so it’s possible your organization will be among them. Let us share several immediate practical steps you need to take when you discover a breach of your critical infrastructure.
It’s good to have a hobby. It’s better if you share it with someone. It’s even better when you share it with colleagues and rediscover your teammates. It turned out that part of the Berezha Security team enjoys running. So no wonder we decided to participate in the Wizzair Kyiv City Marathon. Let’s see whose photo you like the most 🙂
Berezha Security turns six years old! Indeed, this year was the weirdest one with its challenges and all the changes happening in the world. However, it was still a good year: we completed over 50 projects and continued to grow.
A year ago, prior to the COVID-19 pandemic, probably very few people could imagine how the world would change. Working from home, remote business meetings, online events, and digital concerts are only some examples of the new normal. Things we could not imagine going virtual very much did, to everyone’s surprise. Is a remote audit possible without sacrificing quality? Is an onsite audit more of a cultural thing or a real need? These are the questions that arise; let’s try to look for the answers together.
Safety Detectives has recorded an interview with Vlad Styran, VP & Co-founder of Berezha Security: you can read its full transcript on their website.
Do you pentest against PCI DSS? Do you test for OWASP Top 10? Are Berezha Security reports ISO27001 compliant? These are just a few stunning questions we often hear from our future customers. Although they often sound naive, we have to elaborate on these questions. Otherwise, if our clients knew as much as we do, why would they need us? So, in this post, we share some of the frequent customer questions from our presale experience. How many of them are also on your list?
Every crisis is an opportunity in disguise. Which companies have benefited the most since the outbreak of COVID-19? Most probably, Zoom is on the shortlist. Indeed, in times of the new remote normal, communication becomes a critical part of your life. The number of daily Zoom meeting participants surged from 10 million in December 2019 to 300 million in April 2020. With popularity came attention to the security of the platform. No wonder that with this attention came news of security flaws found in the product. Probably, having end-to-end encryption (E2EE) implemented platform-wide would help avoid some of the issues. Let’s take a closer look at this.
In cybersecurity, several terms are closely related to each other, such as application security, security audit, security assessment, and penetration test. They are often misunderstood even by cybersecurity professionals. We must speak the same language as our customers and colleagues, so we decided to elaborate on them. Hopefully, you will be able to distinguish them when done reading this post.
GitHub, one of the leading source code hosting services, announces the launch of a static code analysis add-on. Will this become the “silver bullet” for creating vulnerability-free software? Let’s take a look.