Anyone who works on application security knows developers are inseparable from AppSec programs. Even so, the hardest part is figuring out how to get security on their agenda and actively involve them in preventing and managing vulnerabilities. Only with their buy-in and active involvement, it is possible to scale an application security program to the level desired by AppSec teams, especially in large enterprises where developers way outnumber security engineers.

OWASP ASVS is a great project to provide a framework of security controls for design and define the basis of secure development. But the problem is when you decide to use these checks in your organization, you end up with a 71-page pdf file or an OWASP ASVS checklist (excel sheet). It is incredibly hard for organizations to adapt and spread the word within the company.

A recent report suggests that 700,000 new cybersecurity professionals have joined the market since 2020. But still, we are nowhere near closing the talent gap. LinkedIn shows only about +3k people with the "Application Security Engineer" job title. Let's dive into the world of application security.

“Are we paying a fair price for this tool?” is the question every decision-maker asks themselves before making a significant purchase decision. As one of the nascent categories in the application security space, one of the significant challenges ASOC category is likely to face is the value it creates.

We are thrilled to announce our seed round by ScaleX Ventures. With this investment, we welcome Dilek Dayınlarlı to our board of directors and Berkay Mollamustafaoğlu to our advisory board.

Gartner just released the Hype Cycle for Application Security 2022, and the main topic was the rise of application security orchestration and correlation (ASOC) tools. As Kondukto, we have been in “this neighbourhood” for more than 3 years; we want to take the chance to say something about “why you need an ASOC platform”.