Thursday, September 13, 2012
Dear visitor, hello and welcome to our blog :)
DefenseCode is an IT start-up focusing on information security. Our goal is to develop products to
automatize detection of vulnerabilities in web application code and to provide information security
services to a wide variety of internet businesses.
We are a relatively young company made up of seasoned IT/information security professionals
interested in anything and everything even remotely related to information security.
This is why we started this blog. Here we will analyze, comment and share developments from all
branches of information security business. We're going to write about computer security, security
research, web application security, penetration testing and broader general topics.
To begin with, web application security is widely underappreciated aspect of information security.
Where companies spend millions of dollars securing their information infrastructure from malicious
programs, spending lots of money and man power perfecting their firewalls, hardening their
communications, analyzing routers and demilitarized zones, often enough they spend zero time on
the one thing that remains open to the Internet – their web applications, usually connected to the
databases containing data vital to their businesses.
This is where we fit in – and we're going to share our experiences and the knowledge we gained from working in the field that helped us shape and implement our products. We are going to talk about safe programming practices, and why they are often neglected or misunderstood.
While there are many different kinds of vulnerabilities in modern web application code, there are
some that are more prominent than others. By exposing these often found errors in code that leave
your system vulnerable, we hope to demonstrate DefenseCode software abilities and provide you
with explanation why these vulnerabilities occur and how to avoid or mitigate them in the future.
This blogspace will hopefully provide you with insight and accurate advice information security wise. We are always available for consultation and advice, so feel free to contact us here or through our website.