• Who’s responsible for application security? It’s ultimately on the business. More specifically, it’s on the executives and board members that run the business. Still, there must be resources within the organization who not only lead the charge but also get stuff done. It’s complicated, and every situation is different, but this “get stuff done” component is where the answer lies.
  • Depending on the target's nature, you may want to prevent scans from running at certain times. For instance, when you don't want scans to affect your team's productivity during working hours or when you want to guarantee that your website can handle all customer requests during peak hours. With Probely, you can pause and resume scans later, both on-demand and automatically.
  • Understand how to use Teams to mimic your company’s structure better and address its needs. Please note that this feature is only available for Probely Plus. Teams provide a way for you to group Users, API keys, and Targets in one place so that managing them becomes easier and time-efficient. You can create multiple teams for one account. Teams act as independent units/groups and help you separate and assign targets for each team, limit the number of targets, set scopes, and user roles. One user can be added to different teams and assigned roles that don’t affect one another, such as an admin, developer, or a custom role.
  • If you are like me, legal compliance is one of those things that really make you cringe and sigh in discontent. However, as we all know, legal compliance is there for a reason. Generally speaking, many of them are easy to comply with as long as you have the right tools, and most of them are beneficial to you, your business, and your customers in the long run.
  • Many companies have internal web applications, accessible only from their corporate network or through a VPN. These are often back-offices, management portals, HR applications, and everything that makes sense only for the company workforce, not for their clients. This also means that cloud services, like Probely, could not scan them for vulnerabilities. Until now.
  • In this day and age having a functioning and secure Software Development Life Cycle (SDLC) process in place is becoming a key component of a successful organization. And one methodology that is becoming increasingly popular is DevOps. Mainly, because the methodology itself is designed to produce fast and robust software development. In this article, we will focus on how we can incorporate security into CI/CD and turning DevOps into DevSecOps easily and with automation in mind.