Dag Flachet
dagflachet.bsky.social
Co-founder of Codific. Professor and board member of the Geneva Business School. Doctorate in behavioral psychology. Entrepreneur and Appsec champion.
For the first time in my career I will be speaking at the main Global Appsec Conference.

If you are interested in appsec, or you are just a really good friend and want to support me, you are more than welcome to attend!

The main talk is on Thursday 29th of May at 3:30PM at CCIB Barcelona.
March 13, 2025 at 6:42 PM
A layered perspective on security programs. What is the right level for you? codific.com/information-...
Information Security and Cybersecurity: Understanding the Layers
Understanding the differences between information security and cybersecurity. Explore the layers of security across the organization.
codific.com
January 10, 2025 at 4:52 PM
In 2024 we finally had the impression we moved the meter, at least a tiny bit, in helping to build a simple and safe digital future. The road is long and the steps are small. Let's take more baby steps in 2025 and mature the world's appsec defences.
January 8, 2025 at 9:15 PM
At Codific we invest a lot of effort in different OWASP projects, and OWASP SAMM is our favorite. We do this for "free" but we get a lot in return. Recognition is one thing, but more important is a seat at the table designing the simple and safe digital future. www.linkedin.com/posts/owasp-...
OWASP SAMM on LinkedIn: Supporters
🎉 We're thrilled to announce CODIFIC as OWASP SAMM's first Gold supporter! Their incredible contributions over the past year have helped transform key…
www.linkedin.com
January 6, 2025 at 7:36 PM
There are more than 1000 controls in NIST 800-53, so how do you find your way? codific.com/what-is-nist...
What is NIST 800-53? A comprehensive guide
Learn what NIST 800-53 is, its structure, advantages, and how to implement it effectively to manage risks and enhance cybersecurity.
codific.com
December 20, 2024 at 2:10 PM
Need to comply with HIPAA? My colleague Mahe just published a guide. codific.com/hipaa-an-imp...
HIPAA: An Implementation Guide
Explore key steps for implementing HIPAA compliance, ensuring patient privacy and enhancing data security in healthcare.
codific.com
December 12, 2024 at 12:14 PM
FOMO? Dying to get hacked like everyone else you know. We got your back! codific.com/how-to-get-h...
A Guide on How to Get Hacked
Unlock the comically disastrous world of cyber-insecurity with our satirical guide on how to get hacked! Disclaimer: THIS BLOG IS SATIRICAL.
codific.com
December 9, 2024 at 7:44 PM
Chess is still the king of all games, convince me otherwise! codific.com/appsec-and-c...
AppSec and Chess: Two different worlds with remarkable parallels
Learn about application security (AppSec) by learning about some of its many parallels with the beautiful game of chess.
codific.com
December 8, 2024 at 12:07 PM
OWASP, NIST, ISO, so many standards and frameworks. If only your assessment in one could map to the next. Well, it turns out it can, kinda. codific.com/bridging-com...
Bridging Compliance Standards: Harnessing SAMMY and OpenCRE
Discover how bridging compliance standards can help organizations navigate the complex landscape of AppSec and improve overall security.
codific.com
December 5, 2024 at 3:39 PM
Google Calendar now has dark mode. But I really don't care, and I don't get the fuss. All apps are boasting dark mode now as if it is something super high tech. Bro, I had dark mode on my MS-DOS PC.
December 3, 2024 at 11:17 AM
NIST SSDF or OWASP SAMM: which one to pick as the backbone of your application security program? And do you really have to pick? codific.com/comparing-ni...
Comparing NIST SSDF and OWASP SAMM: A Comprehensive Analysis
Comparing NIST SSDF and OWASP SAMM: Which is the best framework for your application security program? Find out in our latest blog post.
codific.com
December 2, 2024 at 11:43 AM
Black Friday special: OWASP SAMM is now free to use. Wait... aren't all OWASP resources free? ...shhhh!
ALT: a group of people standing in front of a sign that says shh they don t know that
media.tenor.com
November 29, 2024 at 2:12 PM
Happy thanksgiving, and a special thank you to anyone who contributes to an open source project!
November 28, 2024 at 11:39 AM
Doctors and nurses have always been there for us. From the first to the last breath, they are there when it really matters. So it is nice when we, the nerdy computer people, can do something back for them. youtu.be/k6oClwzUa9k?...
Codific Videolab
YouTube video by Codific
youtu.be
November 27, 2024 at 2:02 PM
So what does an OWASP SAMM interview look like? Who do you interview? What does the interview look like? How many people should you interview? How can you get started? www.youtube.com/watch?v=3Btv...
How to carry out interviews for OWASP SAMM Assessments?
YouTube video by Codific
www.youtube.com
November 26, 2024 at 8:02 AM
Using OWASP SAMM allows you to communicate internally in a nuanced way about the security state and security roadmap of each team, project or business unit. codific.com/reporting-wi... #appsec #owasp #infosec
Reporting with OWASP SAMM
Reporting with OWASP SAMM. How to adequately collect, aggregate and report data across large organizations.
codific.com
November 25, 2024 at 6:55 AM
As a company you can keep track of all your appsec processes with BSIMM or SAMM. But which one should you pick? codific.com/bsimm-vs-samm/
BSIMM vs SAMM: Which model is better?
Discover the differences between BSIMM vs SAMM, two leading frameworks for building effective application security programs.
codific.com
November 24, 2024 at 7:11 AM
Unpopular opinion: some regulations are good. Trump claims he will try to do away with a lot of regulation. But some regulation is actually actionable and effective. Case in point: FISMA. Government and government contractors should be held to high security standards.
codific.com/how-to-imple...
How to implement FISMA
Implementing FISMA made easy: Follow our practical guidelines to achieve information security and compliance for government data.
codific.com
November 22, 2024 at 9:13 AM
Here is a deep dive by OWASP SAMM experts on the practical aspects of SAMM assessments. With @aramh.bsky.social, Maxim Baele, Brian Glas and Rob van de Veer. What a dream team :) youtu.be/Zg-HN17D3O8?...
SAMM Assessment: Everything you need to know from industry experts
YouTube video by Codific
youtu.be
November 21, 2024 at 10:14 AM
So how is the other guy doing? Are you top of class? Find out in the OWASP SAMM benchmark. codific.com/owasp-samm-b...
OWASP SAMM Benchmark Data Update
View the latest OWASP SAMM Benchmark data including our in-depth analysis and interpretation of the results.
codific.com
November 20, 2024 at 10:55 AM
How to manage for security when dealing with outsourced development teams. Here is a practical guide to the best practices. codific.com/application-...
Supplier Security Explained: Security Best Practices for Outsourced Development
Ensure application security best practices for outsourced development. Learn how to evaluate suppliers and set clear security objectives.
codific.com
November 19, 2024 at 9:49 AM
Did you know there is a completely free OWASP SAMM Fundamentals training on Thinkific led by @aramh.bsky.social? Check it out: codific.com/the-owasp-sa...
The OWASP SAMM Training
OWASP SAMM Fundamentals is the training you need to get started with the SAMM framework. This free SAMM training takes around 6 hours.
codific.com
November 18, 2024 at 1:40 PM
The EU Cyber Resilience Act (CRA) is here. Some call it the GDPR of security. Sounds expensive and dangerous to your European business. But OWASP SAMM can help you manage for a security-centric approach: codific.com/comply-with-...
How to comply with the EU Cyber Resilience Act (CRA).
How to comply with CRA? Everything you need to know to demonstrate CRA compliance. A detailed guide to all requirements.
codific.com
November 18, 2024 at 6:32 AM