Cyber Security References

Starting a new web-based project? This is a reference of useful security-related links and tools. It is mostly web focused and generally related to technologies I happen to be working with.

There are many related terms that are not all the same but share much overlap: WebSec/WebSecOps, DevSec/DevSecOps, Cyber/CyberSec/Cyber Security, SDLC. Security in general should be one of the first considerations when planning a new feature. As with most things in software development, the earlier security is considered, the cheaper it is to apply its principles. I won’t go into detail on that philosophy in this post, but this is also known as shifting left, a term that is common when talking about testing strategies.

This post contains a selection of resources related to Cyber Security for easy reference. There are a lot of these out there, so this particular list is by no means exhaustive.


Security Code Scan – static code analyser for .NET


Uses the public OSS Index database to scan for vulnerable NuGet packages.



Open Source library vulnerability scanning.



SSL Labs SSL Test


Security Headers

Check security-related HTTP headers on publicly available sites.


';--have i been pwned?


Blogs / Podcasts

Troy Hunt


Security Now


Andrew Lynes: The Blog


Information Resources / Databases



Microsoft Security Development Lifecycle


Common Vulnerabilities and Exposures


NIST National Vulnerability Database


I’d like to keep this somewhat up to date. If you have any other suggestions please let me know in the comments.

