
February 1, 2023
Felipe Ruiz
Get an overview of vulnerability assessment
Learn what vulnerability assessment is, why this IT systems evaluation process is important, what types exist, and how it relates to vulnerability management.

January 23, 2023
Jason Chavarría
Benefits of continuous over point-in-time pentesting
Continuous penetration testing beats periodic point-in-time pen tests. We present its benefits and how we overcome challenges to its implementation.

January 17, 2023
Jason Chavarría
Pentesting is a system-agnostic approach to security
The types of penetration testing include external and internal network, wireless, IoT, mobile application and social engineering pentesting. Learn more here.

January 5, 2023
Jason Chavarría
Differences between these security testing approaches
There is confusion around the differences between breach and attack simulation, penetration testing and red teaming. Read this blog post for a clear comparison.

December 19, 2022
Jason Chavarría
How BAS solutions work, their importance and benefits
Learn about what breach and attack simulation is, how it works, why we need it for security testing and its benefits for defending against advanced threats.

November 30, 2022
Felipe Ruiz
Open the door to security as a quality requirement
Discover what is usually seen as code quality, why we believe this concept should include security and some recommendations to develop high-quality code.

November 25, 2022
Felipe Ruiz
Use of automated tools only? Don't stick to your guns!
In this blog post, we present some differences between automated and manual code reviews and emphasize the latter and the procedures performed by the reviewers.

November 22, 2022
Felipe Ruiz
And round it off with our Secure Code Review
Check out some best practices for secure coding your developers can start applying and how our Secure Code Review can complement them.

November 16, 2022
Jason Chavarría
Why measure cybersecurity risk with our CVSSF metric?
We present some of the flaws of the traditional measure of cybersecurity risk and introduce CVSSF, the risk-exposure-based metric with which we overcome them.