Berezha Security Blog
In cybersecurity, several terms are closely related to each other, such as application security, security audit, security assessment, and penetration test. They are often misunderstood even by cybersecurity professionals. We must speak the same language as our customers and colleagues, so we decided to elaborate on them. Hopefully, you will be able to distinguish them when done reading this post.
GitHub, one of the leading source code hosting services, announces the launch of a static code analysis add-on. Will this become the “silver bullet” for creating vulnerability-free software? Let’s take a look.
Everyone loves getting new customers and projects. However, not everyone knows at what cost we have them. And I’m not talking about sales effort right now. I’m talking about the bureaucracy, which is an inevitable companion of a new deal. I’d like to share some of the issues we often have during the contract closure and give a couple of advice on dealing with them.
Останнім часом ми отримали ряд запитань про кіберінцидент у компанії SoftServe. Дякуюмо всім за увагу та турботу. Ми не будемо коментувати факт компрометації інфраструктури SoftServe, адже це прерогатива керівництва цієї компанії. Натомість хочемо надати факти, які стосуються компанії Berezha Security у цьому контексті.
Toreon, a security consulting company, announced a release of an open-source Threat modeling playbook, incorporating OWASP best practices. Threat Modeling topic is also a part of Berezha Security training for developers, which may be a good support in your adventure in the threat modeling implementation journey.
Serhii Korolenko, a Senior Application Security Consultant at Berezha Security, participated recently as a speaker in an EdCamp event, giving an awareness presentation on personal cybersecurity – “How not to become a cyber-victim.”
Here we grow! Berezha Security is glad to announce that we are looking for a new junior team member. This time we are looking for a motivated junior application security specialist, AKA penetration tester.
Finally, it’s here! The third edition of NoNameCon is starting this week. It’s a 100% Ukrainian community-built practical cybersecurity conference designed for professionals to exchange their knowledge and experience.
We are glad to mention that the first open Web Application Security Pentester Training, provided by Berezha Security, has finished and was definitely a success. Today we are happy to announce the second edition of the online training, which we plan to start on the 14th of September.
Berezha Security becomes a premium partner of NoNameCon 2020. It’s the third year in a row we are supporting this significant cybersecurity event in the Eastern European region.
+380 (44) 364 7336 +1 (315) 303 2323
6 Nimanska St., 41, Kyiv, Ukraine 01103
77 Sichovykh Striltsiv St., Kyiv, Ukraine