Recursos

Infrastructure as Code in a DevSecOps World

Learn more about infrastructure as code (IaC), what it is exactly, and the security implications of using IaC in the real world.

SAST vs. DAST: what is the difference and how to combine the two?

Dynamic security testing (DAST) uses the opposite approach of SAST. Whereas SAST tools rely on white-box testing, DAST uses a black-box approach.

What is CI/CD? CI/CD pipeline and tools explained

Learn more about CI/CD continuous integration and continuous delivery, CI/CD pipeline, and framework. CI/CD as the foundation for DevSecOps.

Node.js licensing and security considerations

With the Node.js runtime environment becoming more popular, it's important to know about Node.js licensing and security risks for your web applications.

Copyleft: The rise of open-source software licensing

Learn more about most popular copyleft licenses, terms, conditions, difference of copyleft vs copyright. Find out what’s best for your team.

Is an AGPL License the Right Choice for Your Open Source Projects?

Learn more about AGPL license: advantages, terms and conditions, commercial use, and more. Determine whether the AGPL 3, LGPL 3, or standard GPL 3 will suit your project.

GNU General Public License: GPLv3 explained

Learn everything you need to know about GPL License: new clauses, the difference between GPLv2 and GPLv3, terms and conditions and more.

Kubernetes Security: Common Issues and Best Practices

Is Kubernetes secure? Learn more about Kubernetes security issues in a cloud native security context with tips to secure your K8 deployments.

What is the MIT License?

Learn more about the MIT License - one of the simplest open source license agreements - and integrate license compliance into your existing workflows.

Licenças Open Source: Tipos e Comparação

Saiba mais sobre os diferentes tipos de licenças de código aberto e como elas visam a proteger autores e usuários de software.

Malicious Code Explained

What is malicious code? Learn more about malicious code and how it impacts application users and developers.

Secure Software Development Lifecycle (SSDLC)

Learn more about Secure Software Development Lifecycle (SSDLC), and how to integrate security at every stage of the SDLC to enhance software integrity and protect against vulnerabilities.