azure Continuous Security with OWASP ZAP and Azure DevOps (part 2) In part 2 of a series on leveraging the OWASP ZAP Docker Image in Azure, this post describes how to utilise the ARM template described in Part 1, and embed it into an Azure DevOps pipeline as part of a continuous security regime.
azure Continuous Security with OWASP ZAP and Azure ARM (part 1) Automating your delivery pipeline allows you to deliver software quickly, reliably, and with minimal overheads. But as your delivery cadence increases, your security practises have to follow.
code Reverse-engineering price lists for fun and profit Margin-scaled price sheets are vulnerable to a rounding exploit based on defaults and social factors, and in certain circumstances this allows you to reverse-engineer the markup or margin level purely from the price data itself.