Contact Sales

GoSecure Blog

Final-Connect-Image.jpg

An Introduction to Application Security

To remain in business, companies rely on perimeter security to protect, among other, their “secret sauce” recipe and the confidential information of their customers. To this end, information security vendors offer different types of defenses. The intent is commendable and the organization then feels confident, warm and cozy behind its firewall. However, there is something fishy. Businesses put up a variety of web applications on the Internet (thus accessible by everyone - including malicious actors) to offer different services. These applications can take many shapes, from transactional Web sites, to mobile applications or Web services. With them, the appropriate security question becomes: beyond securing the infrastructure, how can one defend these applications against hackers? The answer is: the proper design of the application’s source code. There you have it: application security.

Read More

Topics: appsec, process, sdlc, security

Modern Static Analysis for .NET

In the past six months, we have been working on a new static analysis tool for the .NET ecosystem called Roslyn Security Guard. It is a Visual Studio extension that analyzes C# code. It was first released at Black Hat USA this year. This article will cover the latest milestone reached which brings a new taint analysis mechanism and the introduction of automated code fixes.

Read More

Topics: c#, roslyn, security, static analysis, visual studio, msbuild, .net