Building a Do-It-Yourself Defect Discovery Practice
With the exception of a few vendors and their heavily invested customers, many agree that application security’s era of “big box” defect discovery tools is over.
Posts by
John Steven
Advisory services to Security Startups and Maturing Security Initiatives
SARIF Can't Save You Now
When SARIF became a defacto standard for security tool output, supported by commercial and OSS tools alike, development and security practitioners alike rejoiced.