Welcome to Equinor AppSec information pages. This site is primarily written by and for the people working with building/maintaining applications in Equinor, but could also function as a resource for others on the topic of application security.
Some useful resources involving application security, together with some guidelines on various topics.
Information about the Security Champion programme in Equinor. This site will contain guidelines and information for Security Champions
The guidelines contain information related to how to set up Snyk for security scanning of repos, and also other guidelines related to licenses and other topics.
With Threat Modeling being such an important practice in application security, and being a focus area for us, this topic got it's own tab. Here you can find some information about the subject, as well as information about how to get started and what resources the AppSec-team can provide.