Lone Peak Security
Security Resources
We believe in the power of shared knowledge and open tools to strengthen security across the board. Here’s a list of some of our favorite blogs, tools, GitHub repositories, and other resources that can help you along your security journey. These resources represent best-in-class thinking and provide actionable guidance for modern security practices.
Security Best Practices
While there are a lot of best practices out there, our favorite is the Security Cheat Sheet Series by OWASP. Just about anything related to application security and development has a cheat sheet explained in simple and clear format for engineers.
​
​
Our Favorite Podcasts
Here is a list of some of our favorite podcasts to help learn about security and the technology industry.
-
Absolute Appsec - With years of experience in application security, Seth and Ken break down all things appsec in practical and clear terms
-
Darknet Diaries - Dramatic stories of true crime from the underbelly of the internet
-
The AI Daily Brief - A short, daily podcast about evolving AI tech
Open Source Tools
You can't build a security program on a budget without open source tooling. Here are some of the tools we use to help keep companies secure.
-
Trivy by Aqua - a container scanning solution to find vulnerable third party packages. It is easy to use and incorporate into CI pipelines.
-
Gitleaks - search your GitHub repos for secrets where they don't belong. It not only searches your current code, but all git history for hidden secrets such as API keys, passwords, and encryption keys
-
Semgrep - a Static Application Security Testing (SAST) tool to scan your proprietary source code for security errors such as XSS, SQL injection, and other common mistakes
