About the Author

Keyhole Software

Keyhole Software is a consulting team of software developers who love technology. We frequently assist nationwide clients with custom application design, development, and modernization initiatives with Java, JavaScript/SPA, and .NET technologies. Our expert employee consultants excel as “change agents," helping our clients to be successful with software technologies that bring competitive advantage.

Education Series

Keyhole Announces Education Series: Continuous Delivery With GitOps and Top Security Mistakes in AppDev

Keyhole Software Community, Company News, Educational Event, Keyhole Leave a Comment

We are excited to announce the August 2022 Keyhole Education Series!

This series consists of two educational lunch and learn events open to the public. The presentations are geared to benefit software developers who are implementing or interested in using GitOps, Kubernetes, DevSecOps, and Security.

Application Security Whitepaper

White Paper: Security Best Practices in Application Development

Keyhole Software Consulting, Keyhole Creations, Security Leave a Comment

This white paper provides key takeaways for application stewards and software leaders to improve application security, with examples of common application security liabilities and suggestions for remediation. Topics include:

An in-depth look into Security Culture and the importance of the people element in adopting a security-first outlook.
An explanation of common application practices we frequently see in the wild that can be inherently risky, with suggestions for best practices.
A security checklist to determine critical areas of higher risk to prioritize in your journey to a more secure application.
An explanation of the security Surface Area and how to minimize it starting from your source code.
Strategies to protect Authentication and Authorization and a comparison between Third-Party solutions and rolling your own auth.
A deep dive into built-in Application Security and an exploration of strategies that might help your business, including Network-Level Security, WAF, Payload Encryption, SSL, Cloud Configuration, and SIEM…