The Qwiet blog
What Does AI Native Mean in the AppSec Industry?
Key Takeaways AI Native means built, not bolted. It’s the difference between a platform that embeds AI into its architecture and one that adds it later as a feature. Only the former can deliver meaningful context, automation, and integration across the SDLC. Developers need signal, not noise. AI-native tools like Qwiet prioritize relevance, context, and […]
READ MOREAll posts
Filter by
Find Reflected XSS Candidates in Source Code
On March 21, the Biden administration directed US companies to "harden your cyber defenses immediately." With these new federal guidelines for application security, the White House urged software developers to deploy "modern tools that can detect known and potential vulnerabilities" in their custom and open-source software (OSS). Learn more about how ShiftLeft can help.
API Security 101
On March 21, the Biden administration directed US companies to "harden your cyber defenses immediately." With these new federal guidelines for application security, the White House urged software developers to deploy "modern tools that can detect known and potential vulnerabilities" in their custom and open-source software (OSS). Learn more about how ShiftLeft can help.
Does Your Health App Meet HIPAA Compliance...
On March 21, the Biden administration directed US companies to "harden your cyber defenses immediately." With these new federal guidelines for application security, the White House urged software developers to deploy "modern tools that can detect known and potential vulnerabilities" in their custom and open-source software (OSS). Learn more about how ShiftLeft can help.
Ten Ways OWASP Improves AppSec
On March 21, the Biden administration directed US companies to "harden your cyber defenses immediately." With these new federal guidelines for application security, the White House urged software developers to deploy "modern tools that can detect known and potential vulnerabilities" in their custom and open-source software (OSS). Learn more about how ShiftLeft can help.
Static Analysis of (the Invisible) C# Sources
Does your static analysis tool see the C# source underlying your C# source? I am a compiler engineer at ShiftLeft, the designer and (main) implementor of the programming language layer of our static analysis tool for C# and Python. In this article, I discuss a bit about the static analysis of C# programs. When you […]
HIPAA Compliance for Healthcare Apps
On March 21, the Biden administration directed US companies to "harden your cyber defenses immediately." With these new federal guidelines for application security, the White House urged software developers to deploy "modern tools that can detect known and potential vulnerabilities" in their custom and open-source software (OSS). Learn more about how ShiftLeft can help.
What to do about CWEs in your...
Over the past few weeks, we’ve published a series of blogs related to CWEs: we’ve taken a look at the changes in the Top 25 Most Dangerous Software Weaknesses over the past year, as well as some of the vulnerabilities included on the list: With that information in hand, what can someone in software engineering […]
OWASP Top Ten Updates: What Changed?
On March 21, the Biden administration directed US companies to "harden your cyber defenses immediately." With these new federal guidelines for application security, the White House urged software developers to deploy "modern tools that can detect known and potential vulnerabilities" in their custom and open-source software (OSS). Learn more about how ShiftLeft can help.
Evolving Threat series — Infiltrating NPM’s Supply...
On March 21, the Biden administration directed US companies to "harden your cyber defenses immediately." With these new federal guidelines for application security, the White House urged software developers to deploy "modern tools that can detect known and potential vulnerabilities" in their custom and open-source software (OSS). Learn more about how ShiftLeft can help.
