Hi,

Why I'm doing this...

I want to use online services and feel that it is sufficiently safe.

I have started this blog to share experiences in secure development and secure automation. The goal is to build community and applicable knowledge in modern security practices. I have been working in the industry for more than 15 years as Security architect, Application security expert, Lead tech manager and other as well. Besides, I'm  DevOpSec/DevAppSec enthusiast, lets automate as much as possible. I have also successfully delivered many projects including building expert teams, strategic management with actual hands-on experience. So, I feel confidence on both, C-level and deep-dive technical conversations.

Currently my focus areas:
1.Evaluation of Secure development processes, tools and their effectiveness
2.Creation of projects and planning to address above findings.
3. Actual development of solutions,  tools and processes to support CI/CD to support minimal friction from security by creation of compliance to most rigorous security demands.
4.  Security development training sessions
5.  Secure architecture services.
6.  Development of Checkmarx customizations and integration to

• Reduce false positive count
• Increase vulnerability findings confidence
• Creation of full eco-systems to address actual issues, from discover to closure.

---