AppSec Untangled
General thoughts around Applications Security, Secure coding, DevSecOps, and other related topics
Lessons Learned #2: Your new feature could introduce a security vulnerability to your old feature…
This is the second story in the “Lessons Learned” series where we discuss real-world vulnerabilities from the eyes of an application…
Mohamed AboElKheir
Sep 25
Lessons Learned #1: One line of code can make your application vulnerable (Pre-Auth RCE in Metabase…
Welcome all to this new series “Lessons Learned”. In this series, I plan to share some real-world vulnerabilities from the eyes of an…
Mohamed AboElKheir
Sep 2
How to make “Input validation” easy for your devs
Creating a Paved road for input validation
Mohamed AboElKheir
Jul 22
New Notion template for Threat modeling published!
Hi All, I have an exciting announcement to share! I’ve created a Notion template to help with creating threat models for your projects, you…
Mohamed AboElKheir
May 3
How I contributed my first custom rule to Semgrep Rule Registry
Since I learned that Semgrep enables users to create and use custom SAST rules, I was instantly intrigued. That is mainly because the value…
Mohamed AboElKheir
Mar 19
What is wrong with this code?
Why code reviews/scans are not enough
Mohamed AboElKheir
Feb 29
How to “Shift-Left” SAST scans (Semgrep as an example)
“Shift-Left” has become quite the buzzword recently and I assume you probably have already seen a dozen talks and blog posts discussing the…
Mohamed AboElKheir
Jan 26
Why “Chainguard Images” is a game-changer for container vulnerabilities
I’ve recently tried Chainguard Images and was impressed by the results. Chainguard images are minimized hardened container images that…
Mohamed AboElKheir
Dec 21, 2023
Threat Modeling Handbook #6: Agile Threat Modeling
It has been a long journey! In the past stories (links below) of this series we discussed in detail how to build a process using threat…
Mohamed AboElKheir
Nov 21, 2023
Threat Modeling Handbook #5: Convert your threat model into an automated pentest using DevSecOps…
Now it is time to make use of what we have completed in phase 1 of the threat modeling process (threat and mitigation identification) in…
Mohamed AboElKheir
Oct 12, 2023