AppSecEngineer
Mar 29, 2022 • 8 tweets • 4 min read
Application Security is one of the top skills that every tech firm is aggressively looking for 🚀

If you are a person who wants to make a great career in AppSec, this thread is for you 👇

🧵

#applicationsecurity #infosec #cloudsec #azure #aws
[Images 1 / 5 to 5 / 5: Five ways you could teach yourself Application Security]
Love this thread?

Share with your AppSec buddies and follow us for more such actionable #appsec content. 💥

Wish to learn more about how to become an Application Security Engineer? Read the definitive guide 👉

appsecengineer.com/blog/guide-to-…


More from @AppSecEngineer

Dec 8, 2022
How do you level up DAST scans on your REST APIs?

Automate them, of course!

Here are our Top 8 Free Tools for Automating REST API Testing:
#api #automation
1. REST Assured

More than just a cute pun, REST Assured is a Java-based library built for making testing REST services in Java way easier.

It works particularly well with Maven, a build automation tool used primarily for Java projects.

rest-assured.io
2. Postman

Postman can be used to write functional tests, integration tests, regression tests, and more.

It can be integrated with your CI/CD pipeline, too.

(Still can't figure out if the mascot is a postman or an astronaut)

postman.com/product/tools/
Dec 6, 2022
Want to learn @awscloud Security but not sure where to start?

Here's a super-useful Learning Roadmap for AWS Security:

(Keep reading to get the full roadmap diagram 👇)
#awssecurity #cloudsecurity
Just starting out? You should learn the basics first.

Identity & Access Mgmt. is your first order of business. Understanding IAM will solve half your security problems in AWS.

Next up, Secrets in AWS! Cryptography, secure password storage, etc. are CRITICAL.

2/6
Next, go for VM & Network Security. Learn about VPC, Flow Logs & VM security.

Boost visibility in any AWS env. by monitoring & logging events with CloudWatch & CloudTrail.

Learn to automate vulnerability mgmt. with Amazon Inspector. Cut down on manual work with automation.

3/6
Nov 15, 2022
Let's learn the basics of Threat Modeling!

Here's the Top 5 Threat Modeling methodologies, and how they work.

#threatmodeling
1. STRIDE

One of the most popular, STRIDE is an acronym for the types of threats it covers:
Spoofing identity
Tampering with data
Repudiation threats
Information disclosure
Denial of service
Elevation of privileges

This is a developer-centric methodology.
In STRIDE, you create a data flow diagram-based threat model of the target app. With user & abuser stories, create a list of potential threats.

Map them to the above threat types & classify the attacker's goals in one of 6 categories, along with relevant security controls.
Jun 27, 2022
Are you planning to become a Cloud Security Architect?

But not sure what skills you need to become one?

Then this 🧵 is for you 👇

#cloudsecurity #aws #awssecurity #appsec #infosec
1 /

Understand how components work:

For starters, you need to have an intuitive understanding of how common security protocols and components work. Things like firewalls, network access, intrusion detection systems, etc.
2 /

Work with various operating systems:

You need to be aware of how operating systems like Windows, Linux, and macOS employ security.