On Mitigation Strategies

On Mitigation Strategies

Introduction At Carve we perform at a lot of web application security assessments. Once we (1) find a vulnerability, we (2) confirm that it’s reproducible, write a proof of concept (PoC) exploit for the vulnerability to determine the impact, and then (3) focus...
DevSecOps: Do We Need Another Cybersec Buzzword?

DevSecOps: Do We Need Another Cybersec Buzzword?

The latest buzzword to hit many of our ears attempts to give us a sense of safety and comfort. We’re no longer just doing DevOps. We’re doing DevSecOps! It’s not an unworthy goal. With DevSecOps, we’ve gone past just working through automation and continuous...
The 10 Best Security Testing Tools

The 10 Best Security Testing Tools

Any application connected to the internet is at risk for attacks from malicious outsiders. It’s important to check your application for vulnerabilities because they may lead to hacking or data leakage. Today’s security software comes in many forms, both free and paid....