96% of your code is open source. If your security strategy is just "hope and scan," you have a $1 trillion blind spot. 📉
We have unified 12+ language ecosystems into one secure golden path. 79 million components. Zero guesswork. High velocity. 🛡️🚀
Own your software supply chain security journey: https://www.linkedin.com/pulse/1-trillion-open-source-blind-spot-why-good-enough-security-6tqvc
#AppSec #OpenSource #TechTrends
New ZAP Blog Post: Introducing DeepViolet: The Engine Behind ZAP’s New TLS Analysis
https://www.zaproxy.org/blog/2026-03-19-introducing-deepviolet/
Thanks to Milton Smith
#zaproxy #deepviolet #appsec

Stop the jargon. Read the newly updated, free and open source, OWASP Automated Threat Handbook. Your guide to all of the web's nasty bots in the world.

https://owasp.org/www-project-automated-threats-to-web-applications/

#bot #bots #badbots #automatedthreats #appsec #infosec #informationsecurity #devops #devsecops #owasp @owasp

Passwordless login is one of the simplest ways to improve security and UX.

In this tutorial I show how to build magic link authentication with Quarkus and Keycloak.
Email token → validation → secure session.

No passwords. No complexity. Just clean Java.

https://www.the-main-thread.com/p/passwordless-login-quarkus-magic-links-keycloak

#Java #Quarkus #Keycloak #AppSec #JavaDev #Passwordless

Blackhole: a mock server with ground truth for testing black-box scanners

I've published Blackhole, a Python ASGI mock server for testing black-box scanners, for training, and for reproducible benchmarks. While we were vibing with Ouroboros, a release in a different genre was born; more on it below. It's off-topic, but may the great and mighty Habr forgive me, I couldn't resist.

https://habr.com/ru/articles/1012034/

#blackbox #owasp #qa_automation #webприложения #appsec #dast

What’s trending in cybersecurity today? Find out with the latest YouTube playlist we’ve curated. 👀 https://www.youtube.com/playlist?list=PLXqx05yil_mdS-qZ8HBVYzSyiYBW8_umd
#Malware #Phishing #IncidentResponse #CyberAwareness #AppSec

Learn a bit more on how different industries can impact or influence AppSec at OWASP BASC!

Thomas Rogers and John Mauger will talk about how Maritime Security practices can influence AppSec

Check out more at www.basconf.org

#appsec #basconf #basc2026 #owasp

The DevSecOps bullshit bingo
Why CI-based security scanning is a broken architecture — and how autonomous security control planes eliminate pipeline dependency, hidden DevOps costs, and tool fragmentation.
https://whitespots.io/blog/the-devsecops-bullshit-bingo
#applicationsecurity #ASPM #AppSec
What’s trending in cybersecurity today? Find out with the latest YouTube playlist we’ve curated. 👀 https://www.youtube.com/playlist?list=PLXqx05yil_mfV8RKDEuNz1WcGRyWt4tVG
#Malware #Phishing #IncidentResponse #CyberAwareness #AppSec
Imagine a world where your security backlog actually hits zero. 🎯
It starts by changing how you source open source. Say goodbye to the chaos of the public web and hello to a secure build pipeline that scales with you. 🛡️🦾
Own your code again: https://open.substack.com/pub/activestate1/p/the-end-of-security-debt-why-building
#AppSec #OpenSource #TechTrends