<img height="1" width="1" style="display:none;" alt="" src="https://analytics.twitter.com/i/adsct?txn_id=nv7vl&amp;p_id=Twitter&amp;tw_sale_amount=0&amp;tw_order_quantity=0"> <img height="1" width="1" style="display:none;" alt="" src="//t.co/i/adsct?txn_id=nv7vl&amp;p_id=Twitter&amp;tw_sale_amount=0&amp;tw_order_quantity=0">

Web Application Security Blog

Goran Begic

Goran is an accomplished product marketer with a passion for innovation and market disruption. With a background in electrical engineering, Goran uses his curious nature, strategic insight and affinity for finding solutions to complex problems to successfully bring new high-tech software products to market. As Internet and cloud technology emerged, Goran saw the opportunity for transformation in application security. After leading product management of the code security testing solution at Veracode, he joined IMMUNIO to take on the convoluted world of software protection, bringing his ability to bridge the gap between industry need and sustainable product to bear. Prior to IMMUNIO and Veracode Goran was leading product marketing at software quality provider SmartBear following his tenure at MathWorks, IBM and Rational Software where he worked on software for development, analysis and testing of designs, binaries and source code.

Recent Posts

API Security: An Overview

POSTED BY  Goran Begic on Dec 06, 2016
Dec 06 2016

Many modern web or mobile applications use an application programming interface (API) on the back end. As a set of tools and protocols that enable developers to provide flexibility and scalability in the front end applications, APIs are an...

Continue Reading ›

TOPICS     Web Application Security

RASP Adoption: A View From the Trenches (Part 3)

POSTED BY  Goran Begic on Nov 23, 2016
Nov 23 2016

In the first two parts of this three-part post I introduced basic concept surrounding runtime application self-protection (RASP) and how it differs from web application firewalls (WAF). In the second part, I discussed features and use cases that...

Continue Reading ›

TOPICS     Application Security  RASP  Web Application Security

RASP Adoption: A View From the Trenches (Part 2)

POSTED BY  Goran Begic on Nov 15, 2016
Nov 15 2016

In the first part of this three-part post I introduced some basic concepts surrounding runtime application self-protection (RASP) and how it differs from web application firewalls (WAF).

In this post I focus on capabilities offered by RASP...

Continue Reading ›

TOPICS     Application Security  RASP  Web Application Security

RASP Adoption: A View From The Trenches (Part 1)

POSTED BY  Goran Begic on Nov 08, 2016
Nov 08 2016

Runtime application self-protection (RASP) is one of the newest security technologies. In the early stages of adoption in the industry, this method of protecting web apps promises dynamic defense and automatic mitigation of vulnerabilities.

Continue Reading ›

TOPICS     Vulnerabilities  RASP  Web Application Security

What is the Network Perimeter, Anyway?

POSTED BY  Goran Begic on Nov 03, 2016
Nov 03 2016

The original idea of a network perimeter is based on the notion that an organization’s internal information assets—hardware devices, hosts, applications, and data—can be protected from outside threats coming from third parties and public...

Continue Reading ›

TOPICS     Application Security  Web Application Security

Changing the AppSec Paradigm

POSTED BY  Goran Begic on Oct 25, 2016
Oct 25 2016

Traditional approaches to application security are outdated and inefficient. With many organizations suffering from a web application security skills gap, the situation will likely get worse before it gets better. Increasingly, those who write...

Continue Reading ›

TOPICS     Application Security  RASP  Web Application Security

You’ve Been Hacked: Why Web Application Security Programs Should Start with RASP

POSTED BY  Goran Begic on Oct 20, 2016
Oct 20 2016

Web applications help trusted users navigate your site and your content. They also provide direct entrée into your system for those who wish to harm your organization. If your web applications aren’t secure, neither are you. As hackers begin to...

Continue Reading ›

TOPICS     AppSec Tools  RASP  Web Application Security

How RASP Works: A Primer

POSTED BY  Goran Begic on Oct 13, 2016
Oct 13 2016

Developers are embracing dynamic languages like Python, Node.js, and Java to build complex web applications, but the increasing pace of development adds to the difficulty of securing these apps. Runtime Application Self-Protection, or RASP, is an...

Continue Reading ›

TOPICS     WAF vs. RASP  Nodejs  Python

Web Application Security Intelligence: Making Security Analytics Even More Powerful

POSTED BY  Goran Begic on Oct 11, 2016
Oct 11 2016

Web applications remain the number one source of data breaches, as researchers at Verizon found in their 2016 Data Breach Investigations Report. But application security operations and best practices have not evolved to keep up with the rapid...

Continue Reading ›

TOPICS     AppSec Tools  Web Application Security  Security analytics

Account Takeover Attacks: An Overview

POSTED BY  Goran Begic on Sep 22, 2016
Sep 22 2016

It’s a fact of life: web applications are inherently insecure. To protect your corporate information assets, your network, and your customers, the most important thing you can do is to protect your web applications. And the biggest threat to web...

Continue Reading ›

TOPICS     AppSec Tools  RASP  Account Takeover