Apr 25, 2023
|
By Andreas Wiese
For quite a time we have been thinking about ways to make it easier for Kondukto users to try out the integrations of our Technology Partners. At this year’s RSA in San Francisco we are now happy to announce the first release of our Demo Hub. This industry-first feature, integrated right into the Kondukto platform, makes it easier for customers to evaluate and benchmark different solutions from the growing number of Kondukto’s Technology Partners.
Sponsored Post
Apr 24, 2023
|
By Can Taylan Bilgin
Anyone who works on application security knows developers are inseparable from AppSec programs. Even so, the hardest part is figuring out how to get security on their agenda and actively involve them in preventing and managing vulnerabilities. Only with their buy-in and active involvement, it is possible to scale an application security program to the level desired by AppSec teams, especially in large enterprises where developers way outnumber security engineers.
Apr 18, 2023
|
By Can Taylan Bilgin
As an Application Security (AppSec) leader, one of the most significant challenges you might face is securing management support for your program. This lack of support often results in under-resourced AppSec teams feeling frustrated and unable to make a meaningful impact. To foster an environment where your team feels valued and prevents burnout, AppSec leaders must prioritize gaining additional resources.
Sponsored Post
Mar 28, 2023
|
By Can Taylan Bilgin
Gartner just released the Hype Cycle for Application Security 2022, and the main topic was the rise of application security orchestration and correlation (ASOC) tools. As Kondukto, we have been in "this neighbourhood" for more than 3 years; we want to take the chance to say something about "why you need an ASOC platform". As multiple security technologies need to be used at different stages of the modern software development lifecycle, the findings from various tools are creating an immense complexity for understaffed security teams.
Sponsored Post
Feb 28, 2023
|
By Cenk Kalpakoğlu
API security is a growing concern for businesses that offer or consume APIs. APIs, or application programming interfaces, allow different software systems to communicate and exchange data. They allow businesses to build integrations and connect with partners, customers, and other stakeholders. However, as more sensitive data is being shared through APIs, it is essential to ensure that these interfaces are secure and protected from unauthorized access or manipulation. In this blog post, we'll discuss how continuous fuzzing can be a powerful tool to secure APIs and how developers can adopt a "secure by default" approach by integrating continuous fuzzing into SDLC processes.
Sponsored Post
Jan 23, 2023
|
By Suphi Cankurt
OpenAI is an artificial intelligence research laboratory that surprised the world with ChatGPT. It was founded in San Francisco in late 2015 by Sam Altman and Elon Musk, and many others. ChatGPT grabbed 1M people's attention in the first six days, and unbelievable AI & Human conversations screenshots are still getting shared. We couldn't resist more to see how OpenAI can help developers and application security teams by sharing remediation guidance. Many application security teams manage millions of security issues on Kondukto, which would eventually save them hundreds of hours.
Nov 28, 2022
|
By Suphi Cankurt
OWASP ASVS is a great project to provide a framework of security controls for design and define the basis of secure development. But the problem is when you decide to use these checks in your organization, you end up with a 71-page pdf file or an OWASP ASVS checklist (excel sheet). It is incredibly hard for organizations to adapt and spread the word within the company.
Oct 10, 2022
|
By Suphi Cankurt
A recent report suggests that 700,000 new cybersecurity professionals have joined the market since 2020. But still, we are nowhere near closing the talent gap. LinkedIn shows only about +3k people with the "Application Security Engineer" job title. Let's dive into the world of application security.
Sep 27, 2022
|
By Can Taylan Bilgin
“Are we paying a fair price for this tool?” is the question every decision-maker asks themselves before making a significant purchase decision. As one of the nascent categories in the application security space, one of the significant challenges ASOC category is likely to face is the value it creates.
Sep 5, 2022
|
By Can Taylan Bilgin
We are thrilled to announce our seed round by ScaleX Ventures. With this investment, we welcome Dilek Dayınlarlı to our board of directors and Berkay Mollamustafaoğlu to our advisory board.
Dec 13, 2022
|
By Kondukto
Kondukto integrates with OpenAI and gets vulnerability remediation advice for all your security testing results on this concept work. OpenAI is an artificial intelligence research laboratory that surprised the world with ChatGPT. It was founded in San Francisco in late 2015 by Sam Altman and Elon Musk, and many others. ChatGPT grabbed 1M people's attention in the first six days, and unbelievable AI & Human conversations screenshots are still getting shared.
Jun 30, 2022
|
By Kondukto
Kondukto allows you to set SLA levels for your vulnerabilities and easily track the ones that are overdue.
May 6, 2022
|
By Kondukto
You can easily activate Nuclei on Kondukto and scan your applications in no time.
Nov 1, 2021
|
By Kondukto
On Kondukto you can apply automated workflows on vulnerabilities that are manually imported to Kondukto as well. In this video, you can see how Kondukto automatically creates issues on issue managers and sends notifications as soon as a new file is imported.
Sep 20, 2021
|
By Kondukto
With Kondukto an action taken on a vulnerability discovered in one branch is automatically reflected on the same vulnerability discovered in a different branch.
Jul 31, 2021
|
By Kondukto
With Kondukto's Secure Code Warrior integration you can send training videos to your developers to raise awareness about certain types of vulnerabilities.
May 11, 2021
|
By Kondukto
Kondukto lets you pinpoint the developers responsible for vulnerabilities discovered by your SAST tools. After analyzing the type and number of vulnerabilities created by each developer, you can quickly assign courses on Avatao with a single click on Kondukto.
Mar 30, 2021
|
By Kondukto
Kondukto lets you pinpoint the developers responsible for vulnerabilities discovered by your SAST tools. After analyzing the type and number of vulnerabilities created by each developer, you can quickly assign courses on Codebashing with a single click on Kondukto.
Dec 14, 2020
|
By Kondukto
With Kondukto CLI, it is possible to trigger scans in pipelines and automatically break builds in any CI/CD tool whenever the project does not meet security criteria.
Nov 7, 2020
|
By Kondukto
Validation scans are great for bridging the gap between software developers and security engineers. Whenever an issue is closed by a software developer, Kondukto automatically triggers a new scan to ensure that the vulnerability has been fixed. If the same vulnerability is identified again, the issue is automatically reopened by Kondukto.
- April 2023 (3)
- March 2023 (1)
- February 2023 (1)
- January 2023 (1)
- December 2022 (1)
- November 2022 (1)
- October 2022 (1)
- September 2022 (2)
- August 2022 (1)
- July 2022 (2)
- June 2022 (1)
- May 2022 (1)
- November 2021 (1)
- September 2021 (1)
- July 2021 (1)
- May 2021 (1)
- March 2021 (1)
- December 2020 (1)
- November 2020 (1)
- October 2020 (2)
- December 2019 (2)
The Kondukto Platform is the ultimate tool for application security teams, allowing them to effortlessly transform vulnerability management, giving back the time, focus, and insight they need to succeed.
Instantly get all security testing tool results in a single view, automate vulnerability remediation workflows and manage risks with key security performance indicators (KPIs).
Effortless efficiency that saves time and money:
- Gain visibility & insight: Speed up prioritization process with the power of orchestration and automation.
- Remediate faster: Reduce distraction and low value work to speed up remediation.
- Boost learning and accountability: Support a culture of continuous improvement with our developer-level vulnerability data.
Accelerate triage and remediation with AppSec orchestration.