Security and software crafting for hacking minds


Why another application security blog?

There is a strong debate among information security professionals about how to reach developers and spread the word about application security and secure coding best practices.

It’s a challenging task, since most software engineering conferences don’t cover appsec topics; in fact, few security specialists are aware of them and no one is filling the gap from the stage.

The opposite is true as well: at security conferences there is no place for developers talking about new frontiers in software engineering.

We need a starting point to fill the gap by talking about application security in developers’ terms and by bringing new programming languages, frameworks and software coding patterns to the application security world. is a technical blog about application security in the broadest sense. Unlike other application security blogs, the perspective is not only the attacker’s point of view but also the developer’s.

We won’t only discuss hot vulnerabilities, exploits, or security book and tool reviews; we will also focus on how to use test-driven development to spot security issues and how to remediate them while we’re still developing our applications.

We will bring you the idea that making a web application is like baking a delicious cake; both software engineering and application security are parts of the same recipe. Neither can stand without the other.

Do you want more? Save the into your bookmarks and start reading further.

Who’s behind this blog?

The fingers behind the project are mine.