Security | Senacor Blog

CVE Management: More efficient with the right tooling

von Sebastian Schlicht, Steffen Thurner und Lukáš Havrišák | Aug. 19, 2025 | English, Security, Software Engineering, Tools & Frameworks

In today’s interconnected and rapidly evolving software landscape, vulnerabilities are an unavoidable part of development. As the complexity of applications grows, so does the attack surface. With dependencies on numerous external libraries, open-source packages, and container images, transitive CVEs become one of the most common vulnerability findings and worth focusing at. This blog post will introduce you the the world of CVE Management and give you an overview of some common tools you might use.

Quantum Computing and the Future of Cryptography – an Overview

von Tommy Block | Juni 25, 2025 | English, Security, Software Engineering

Quantum computing is a rapidly advancing research area which promises to solve various classically difficult problems, including various cryptographic schemes. Several experts predict that quantum computers will be capable of breaking currently used encryption schemes in a decade. To secure data in the post-quantum future the U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) has announced the first completed standards for post-quantum cryptography protocols.
This article provides an introduction to quantum computers as well as an overview of post-quantum cryptography.

Reflections on Visiting it-sa Expo&Congress

von Kosae Alhussin | Nov. 25, 2024 | English, Security

As the threats to Information security multiply and evolve each year, our colleague Kosae wasn’t at all surprised to witness the rapid growth of the cybersecurity market at the recent it-sa. In an era where cyber attacks become more sophisticated and frequent, it’s clear that organizations are increasingly prioritizing security measures. This annual gathering showcased some of the latest advancements, strategies, and insights within the field.

How to renovate? Why and how you should use automated dependency updates in your software projects

von Dr. Claas Wilke | Sep. 25, 2024 | Allgemein, English, Security, Software Engineering, Tools & Frameworks

The benefits of automated dependency updates are clear and compelling, yet many development teams face challenges in selecting the right tools. In this article, we offer practical tips to help you harness these tools effectively and unlock their full potential.

Big Blue goes Cloud – Die IBM Cloud unter der Lupe

von Stefan Tombers, Florian Zeidler und Petr Andreev | Sep. 10, 2024 | Architektur, Cloud, Deutsch, Security, Software Engineering, Tools & Frameworks

In Anlehnung an unsere Serie zu den großen EU-Cloudanbietern schauen wir in diesem Artikel mit IBM auf einen weiteren Cloudanbieter, der für hochregulierte Märkte geeignet sein kann.

Scanning a microservice architecture with Veracode Collections

von Mika Döffinger, Martin Wehner und Bastian Hafer | Juli 31, 2024 | Architektur, English, Security, Software Engineering

Facing the escalating number of reported Common Vulnerabilities and Exposures (CVEs), Veracode offers a solution providing comprehensive tools for detection and remediation of security vulnerabilities. The article further delves into how Veracode Collections contributes to overcoming limitations in traditional scanning approaches, allowing a more efficient and customized security review of complex microservice architectures.

Implementing a real-world scenario to handle Supply Chain Security

von Alexander Münch und Edrian Helbing | Apr. 30, 2024 | Security, Software Engineering

Supply Chain Security is an important topic. We have seen this with huge security issues which had received a lot of media attention like Log4j commonly known as "Log4Shell" and just recently the attack on liblzma which was given a 10.0 score on the CVE, which is the...

Zero-Trust-Architecture based on Anthos Service Mesh

von Max Rigling und Bastian Hafer | Apr. 4, 2024 | Cloud, Editor's Choice, English, Security

A deep-dive into the topic of zero-trust architecture with a look on the history of zero-trust, an implementation example as well as the questions and challenges that arose during its implementation.

How to kick-start your Tools-Comparison Radar

von Markus Fischer | Dez. 19, 2023 | English, Security

This year we made a comparison of different tools. Our author Markus describes how we proceeded with the evaluation and what our takeaways were.

Open Source Tools for Software Supply Chain Security

von Nicolas Dunke | Nov. 8, 2023 | English, Security, Tools & Frameworks

In this article we show how you can improve the security of your software supply chain without spending money for software licenses. For this, we present useful open-source tools for automated dependency updates, vulnerability scanning of dependencies, license scanning, SBOM generation, secret detection and scanning of infrastructure as code for vulnerabilities and misconfiguration.