Last week, we officially launched Crash Override: the first platform to deliver deep build inspection as the foundation of Engineering Relationship Management (ERM) 🚀. Read our full announcement below 👇 .

RT @phrack: Thanks for celebrating our anniversary with us, @reconmtl! Enjoy the special release.

My 16 year old is interning with us this summer & looking to meet with appsec folks for 15 mins to ask some questions about appsec problems. His post on LinkedIn is here. - There is a limited edition Crash Override t-shirt in it if you can spare the time!.

This walkthrough shows you how to find & eliminate shadow engineering, inc services not associated with a repos in prod, running a campaign to address rogue build tools & a campaign to ensure applications are being deployed to the right cloud accounts.

The Curious Case of Shadow Engineering - Our latest article about Shadow Engineering and using Crash Override to find and eliminate it to improve engineering effectiveness, efficient and save cost. Oh yeah, and get the right security controls in the right place.

- The OpenAI coding agent has been open-sourced. codex "Look for vulnerabilities and create a security review report" Finds and explains security bugs.

Why thank you. Please DM me and I'll send you some custom @crashappsec swag that will blow your socks off !.

RT @liran_tal: the @crashappsec website brand is wonderful but even more so I think their use of developer marketing strategy for a chat in….

There has been an update to this article since first being published, clarifying why code owners file are useful beyond code ownership. - Code owners files don’t just to serve as white pages. They can be used for Git workflow automation including.- Automated Review Requests:

The following update was also made to this article. . You maybe asking why not just push a code owners file to every repo from the central org settings? The answer is quite simple. Unless you want to violently interrupt the developers existing git

This product walkthrough shows you how you can use the Crash Override platform to make sure that you have code owners files in all of your repos that are ‘deployed production’.

I just updated yesterdays article with an important omission that got lost in editing. Why should you still use code owners files if they aren't good for code ownership?. Code owners files don't just to serve as white pages. They can be used for Git workflow automation including.

RT @semgrep: The best AppSec teams empower their builders. AppSec should be practical, helpful, and built for speed—not the department of….

Cant help think about the timing here. Maybe the new CVE Foundation creation was a 'forced hand' situation?.

This is great to see. The CVE Foundation has been formally established to ensure the long-term viability, stability, and independence of the Common Vulnerabilities and Exposures (CVE) Program, a critical pillar of the global cybersecurity infrastructure for 25 years.

This week is 'code ownership week' on the Crash Override blog. Tomorrow a critique of how people are forced to manage code ownership today, Weds a platform walkthrough of how to build a campaign to make sure you have code-owners files in all your your production code and on