We use cookies to further personalise and enhance the user experience, conduct analytical research (for example, counting visits and traffic sources), place advertisements and contact third parties. Users can manage their cookie settings by clicking the "Choose your preferences" link.

Cookie policy
Menu menu
  • Security in Schibsted
  • expand_more

Application & Cloud Security

Security should not be an afterthought but continuously be part of all the phases of the Software Development Lifecycle (SDLC).

Security practices, e.g., Threat modelling, Secure design, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software composition analysis (SCA), and scanning for hard coded secrets in code, should be performed continuously. All findings should be evaluated, and action should be taken accordingly to service specific risk appetite.

Cloud resources must be protected and audited for security issues. Cloud security posture management (CSPM) and container security scanners must be in place.

Read also

A guy in front of computer using chat gpt
Artificial Intelligence / career

How are we training our employees in AI?

Post thumbnail
career / Schibsted stories

Internal career growth at its best

Post thumbnail
career

Navigating AI at Schibsted Marketplaces

A guy in front of computer using chat gpt
Artificial Intelligence / career

How are we training our employees in AI?

Post thumbnail
career / Schibsted stories

Internal career growth at its best

Post thumbnail
career

Navigating AI at Schibsted Marketplaces