Official Sqreen Blog | Web Application Protection Platform For Developers

state of saas security

Security analysis of the top 1000 SaaS companies: we still have a long way to go

March 20, 2019

8 security best practices for SaaS startup CTOs

March 13, 2019

Single-page applications need better auditing

March 5, 2019

From Ruby to Python

How I switched from Ruby to Python

January 30, 2019

Radix Trees Demystified

How Radix trees made blocking IPs 5000 times faster

January 15, 2019

PyParis 2018

December 6, 2018

Jira conversation

Giving a voice to Jira

December 3, 2018

by Oscar Baracos

Streaming data with Amazon Kinesis

Streaming data with Amazon Kinesis

September 10, 2018

by Bartosz Telenczuk

WebAssembly Performance Benchmark

WebAssembly vs. the world. Should you use WebAssembly?

August 21, 2018

ESLint backdoor

ESLint backdoor: revoke all the tokens

July 12, 2018

Equifax CVE

In code we Struts: in-depth review of a Java vulnerability for developers

June 14, 2018

Buffer under-read in Ruby

An in-depth look at CVE-2018-8778 or why integer overflows are still a thing!

March 30, 2018

Y Combinator

It’s time for transparent security

March 23, 2018

Reflected XSS explained: how to prevent reflected XSS in your app

March 8, 2018

Context information storage for asyncio

February 26, 2018

Scaling CSS

CSS best practices for fast-growing SaaS startups

February 2, 2018

bad bots protection

Bad bots are eating the world. But developers will save us all

January 27, 2018

Crypto Exchanges Security

Security analysis of the most popular cryptocurrency exchanges

January 25, 2018

Authentication in Vue.js

Authentication Best Practices for Vue

January 18, 2018

security.txt for Ruby

Security.txt toolbox for your Ruby app

January 18, 2018

ICO Security

In ICO, the S stands for Security

January 11, 2018

Command Injection in Ruby

Protecting against the command injection vulnerability in Net::FTP

December 19, 2017

Securing Static Websites

Security for Static Websites

December 19, 2017

by Don Goodman-Wilson

SPA protection

Single Page Applications and static websites also deserve some security

December 12, 2017

by Arnaud Breton

Monitoring the performance of a Node.js web application

November 21, 2017

Sqreen’s got a new logo, what?

November 13, 2017

by Don Goodman-Wilson

state of node.js security

State of Node.js Security 2017

November 9, 2017

by Don Goodman-Wilson

SAST vs. DAST vs. RASP

SAST, DAST, and RASP: A guide to the new security alphabet soup

October 11, 2017

by Don Goodman-Wilson

Poison Packages in Python

September 18, 2017

by Don Goodman-Wilson

detect and block bad bots

Detecting and blocking bad bots

August 31, 2017

Interview Banner - Blog Post

Interview: Ricardo Félix – Scaling DevOps at Uniplaces

August 8, 2017

Using the Sqreen Agent without PII

August 3, 2017

by Don Goodman-Wilson

SecDevOps Banner

What is SecDevOps and why should you care?

July 19, 2017

XSS Cross-Site Scripting Slim Ruby

Discovering a Cross Site Scripting (XSS) vulnerability in Slim

July 12, 2017

Docker Security - Container Security

Docker Security Best Practices

June 22, 2017

Content Security Policy has never been simpler

June 21, 2017

XSS in Vue JS

XSS in Vue.js

June 7, 2017

JavaScript engine performance benchmark for Node.js

Picking the best JS engine for your Node app’s performance

June 5, 2017

Heroku Security Add-on - Sqreen

Heroku Security Add-on: Protect your app from attackers

June 1, 2017

Security API for developers

The Sqreen API: A New Security Tool for Developers

May 10, 2017

by Don Goodman-Wilson

Spark on Amazon EMR

A journey to Amazon EMR (and Spark)

May 3, 2017

Code Vulnerabilities and SQL Injections in Ruby on Rails

Preventing SQL injections in Ruby (and other vulnerabilities)

April 14, 2017

by Chris Chinchilla

SQL injection icon

Block SQL injections, not your customers

April 11, 2017

OpenDoor SaaS Security

How safe are SaaS products?

April 6, 2017

Improve Node.js App Performance

Optimize your Node app by simply upgrading Node.js

March 30, 2017

where is hacker - detecting hackers in your app

Detecting human hackers in your app with Sqreen

March 28, 2017

Securing Legacy Applications

Securing Legacy Applications

March 23, 2017

Stop using pycrypto. Use pycryptodome instead

March 23, 2017

Security for developers

Getting Developers to Care More About Security

March 17, 2017

Cyber Attack Surface for web application security

When users put your app at risk. The attack surface iceberg

March 16, 2017

Best Practices for Secure Applications

10 Best Practices to Build Secure Applications

March 14, 2017

Interview Banner - Blog Post

Interview: Claudiu Popa – Using Pylint for Python Static Analysis

March 10, 2017

Dynamic Instrumentation in Node.js

Behind the Scenes: Building a Dynamic Instrumentation Agent for Node.js

March 9, 2017

Cybersecurity Risk Assessment for Startup CTO

Cybersecurity Risk Assessment for Startup CTOs

March 6, 2017

by François Menet

Preventing SQL injections in Python (and other vulnerabilities)

February 28, 2017

by Chris Chinchilla

Anatomy of Cloudflare’s CloudBleed: what you need to know and fix

February 24, 2017

essential steps for application protection

4 Essential Steps to Protect Web Applications

February 21, 2017

OWASP top 10 vulnerabilities cheat sheet for CTOs

OWASP Top 10 Cheat Sheet

February 16, 2017

How to build, test and deploy React Applications in 2017

How to build, test and deploy React Applications

February 2, 2017

Dynamic Instrumentation Agent for Python

Behind the Scenes: Building a Dynamic Instrumentation Agent for Python

January 24, 2017

Application Security Resolutions

Web application security: check one of your 2018 resolutions today

January 19, 2017

Pyramid Framework support in Sqreen's security solution for Python

Pyramid Security: announcing our Pyramid framework support for Python

January 17, 2017

How to avoid NoSQL injections in MongoDB in a Node.js app

How to prevent NoSQL injections in MongoDB in a Node.js app

January 12, 2017

Dynamic Instrumentation in Ruby

Behind the Scenes: Building a Dynamic Instrumentation Agent for Ruby

January 11, 2017

Security in review banner

Security In 2016 – The Year In Review

January 9, 2017

NoSQL injections in Node.js with MongoDB

MongoDB will not prevent NoSQL injections in your Node.js app

December 15, 2016

Monitor your application security in New Relic Insights

December 9, 2016

Why Web Application Firewalls Fail to protect web applications

Why Web Application Firewalls fail to protect web applications

November 23, 2016

Tor Node.js Banner

Identify Tor connections in Node.js with Tor-test

November 15, 2016

continuous integration CI

How To Choose Your CI Tool

November 4, 2016

Tor – the good, the bad, and the ugly

November 3, 2016

The SaaS CTO Security Checklist

October 25, 2016

Rails Vulnerabilities

The two most common vulnerabilities in Rails (with code)

October 10, 2016

Sqreen at EuRuKo 2016 – Europe’s largest Ruby Conference

October 6, 2016

Sqreen in the finals of TechCrunch Startup Battlefield

September 27, 2016

Announcing Node.JS + Python support and a new interface

September 16, 2016

Malicious Code Injections in Node.js

One easy way to inject malicious code in any Node.js application

August 22, 2016

Embedding JavaScript into Python

August 2, 2016

Myheaders.sqreen.com

7 HTTP headers to secure your app for the busy web developer

July 28, 2016

From the Archive: Application security from the inside [Presentation at OWASP]

July 25, 2016

frozen python

Freeze your Python with str.encode and threads

July 12, 2016

Content Security Policy CSP

Integrating Content Security Policy into your Rails applications

July 11, 2016

App Security Illustration

App Security – The painful invisible challenge that we love to hate

July 8, 2016

Tune your App Performance (and get fit for summer)

July 8, 2016

Ruby on Rails Security in your Continuous Integration

July 7, 2016

Developers Vs. Security

The usual (git) flow of Developers Vs. Security

July 7, 2016