DEV Community

# appsec

Application security topics beyond the web, including mobile and desktop applications.

Posts

đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.
The 26-Dimensional Feature Vector: How a Machine Learns to Recognise a Secret
pgmpofu profile

The 26-Dimensional Feature Vector: How a Machine Learns to Recognise a Secret

#machinelearning #python #appsec #security
Comments
9 min read
Why the Variable Name Is the Most Important Feature in Secrets Detection
pgmpofu profile

Why the Variable Name Is the Most Important Feature in Secrets Detection

#machinelearning #python #security #appsec
Comments
8 min read
We scanned 50+ MCP servers and found HIGH-severity bugs in Atlassian, GitHub, Cloudflare, and Microsoft — here's what we learned
truong_bui_eaec3f963bbe21 profile

We scanned 50+ MCP servers and found HIGH-severity bugs in Atlassian, GitHub, Cloudflare, and Microsoft — here's what we learned

#mcp #security #llm #appsec
1
Comments 1
4 min read
AI-Powered Security Code Reviews That Actually Work: A Threat-Model-First Methodology
mohamed_aboelkheir profile

AI-Powered Security Code Reviews That Actually Work: A Threat-Model-First Methodology

#appsec #security #ai #cybersecurity
Comments
9 min read
What a Free Security Snapshot Can Tell You — and What It Cannot
stanleya profile

What a Free Security Snapshot Can Tell You — and What It Cannot

#security #webdev #cybersecurity #appsec
Comments
4 min read
Your MCP dependency scan can pass and still miss HIGH vulnerabilities
oleg_gr_734317a4bae97cee4 profile

Your MCP dependency scan can pass and still miss HIGH vulnerabilities

#security #mcp #appsec #ai
1
Comments 1
3 min read
Why I Built an ML-Powered Secrets Detector Instead of Just Using Regex
pgmpofu profile

Why I Built an ML-Powered Secrets Detector Instead of Just Using Regex

#security #machinelearning #appsec #python
Comments
8 min read
What Building a SAST Tool Taught Me About AppSec That 13 Years of Software Engineering Didn't
pgmpofu profile

What Building a SAST Tool Taught Me About AppSec That 13 Years of Software Engineering Didn't

#career #security #webdev #appsec
Comments
8 min read
Your Private API is Currently Safe. One Developer Change Away From Unsafe.
bala_paranj_059d338e44e7e profile

Your Private API is Currently Safe. One Developer Change Away From Unsafe.

#security #aws #cloud #appsec
Comments
8 min read
False Positives in SAST — How I Built Suppression Into My Scanner and Why It Matters
pgmpofu profile

False Positives in SAST — How I Built Suppression Into My Scanner and Why It Matters

#appsec #devops #testing #security
Comments
9 min read
Writing Custom SAST Rules for Vulnerabilities Your Scanner Doesn't Cover
pgmpofu profile

Writing Custom SAST Rules for Vulnerabilities Your Scanner Doesn't Cover

#security #appsec #python #tutorial
Comments
8 min read
How I Modelled the OWASP Top 10 Into a YAML Rule Engine
pgmpofu profile

How I Modelled the OWASP Top 10 Into a YAML Rule Engine

#appsec #security #tutorial #python
Comments
8 min read
Introducing a OWASP Game for threat modeling Agentic AI, Cloud, Devops, Frontend, LLM, Automation, and Web
sydseter profile

Introducing a OWASP Game for threat modeling Agentic AI, Cloud, Devops, Frontend, LLM, Automation, and Web

#ai #security #gamedev #appsec
1
Comments 1
10 min read
SnowFROC 2026: Secure Defaults, Real Trust, and a Better Layer on Top
dwayne_mcdaniel profile

SnowFROC 2026: Secure Defaults, Real Trust, and a Better Layer on Top

#security #devops #appsec #cybersecurity
Comments
10 min read
From a Single IP to Exfiltrated Passwords in a PNG: My First Freelance Pentest Engagement
marco_altomare_0e7674642c profile

From a Single IP to Exfiltrated Passwords in a PNG: My First Freelance Pentest Engagement

#cybersecurity #webtesting #webscraping #appsec
Comments
13 min read
đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.