Nuno is a Co-Founder and the CEO of Probely. He has over 20 years of professional experience in IT and throughout his career, he acquired vast knowledge in Information Security, Unix system administration, architecture and development of large-scale web applications, entrepreneurship, and leadership skills.
In the past, he led SAPO Security Team and PT Pay (MEO Wallet) Security and Fraud teams, where he implemented a security governance model, provided security guidance during the development lifecycle of projects, implemented PCI-DSS (Payment Card Industry Data Security Standard) within PT Pay, audited several projects and was responsible for the architecture and design of the Anti-Fraud solution for Meo Wallet.
He holds an MSc in Information Technology - Information Security from Carnegie Mellon University and FCUL (dual degree program).
The Consortium for Information and Software Quality estimates that the cost of poor software quality in the United States reached $2.41 trillion in 2022. That’s nearly 10% of the current GDP within the US. As we will show, it makes sense that the cost of poor software quality is so high. It’s also completely avoidable, and software flaws must be avoided with the world’s increased dependency on software.
There will always be a natural tension between cybersecurity teams and developers. After all, it's the developer's role to "develop." They want and are paid to create and ship new applications and features that help move the organization forward. It's the role of security, however, to make sure bad things don't happen when new software is deployed, such as suffering from a data breach or the loss of availability of business services due to vulnerable software.
The entire team is abruptly woken up by the deafening screech of the fire alarm. Everyone is suddenly snapped awake and confused in a state of panic. Even though this wasn't a premeditated event, it was a good lesson for the team on the impact of false positives. At Probely, we thrive at having one of the best false-positive rates in the market, and incidents like this help pass the message to the other team members.
This blog post defines GDPR Compliance for web application and API security, lists its potential technical and business impacts for the critical risks, explains how the Probely scanner can help with GDPR compliance and provides examples of what you can do right now to get started.
Depending on the target's nature, you may want to prevent scans from running at certain times. For instance, when you don't want scans to affect your team's productivity during working hours or when you want to guarantee that your website can handle all customer requests during peak hours. With Probely, you can pause and resume scans later, both on-demand and automatically.
This blog post describes our partnership with the OLX Group that enabled them to use Probely’s API driven security scanner to secure their customer data and facilitate creativity. Probely integrated quickly with their in-house solution Dalek and provided evidence of vulnerabilities with no false positives.
Understand how to use Teams to mimic your company’s structure better and address its needs. Please note that this feature is only available for Probely Plus. Teams provide a way for you to group Users, API keys, and Targets in one place so that managing them becomes easier and time-efficient. You can create multiple teams for one account. Teams act as independent units/groups and help you separate and assign targets for each team, limit the number of targets, set scopes, and user roles. One user can be added to different teams and assigned roles that don’t affect one another, such as an admin, developer, or a custom role.
Log4j is a Java-based logging utility that is widely used in the Java world. Check if your application is vulnerable to log4j using Probely.
Our web application scanning software’s latest update enables you to integrate Jira with Probely. Atlassian’s Jira is one of the most widely adopted issue and project tracking software systems available and has been named the number one software development tool for agile teams.
An efficient DevSecOps pipeline relies on scaling web applications and API security. And, small development teams are required to take on increasing responsibility for security without large security teams. This blog post offers an efficient solution to the challenge of scaling in DevSecOps teams.
