Arnab Roy Chowdhury
5 security best practices for Java
Eric
When it came along in the mid-1990s, Java promised a revolution in programming languages. At the time, a great deal of business programming took place in C or C++. Anyone…
Developer security best practices: protecting against timing attacks
Boris
One of the great things about security is that there is always more to learn. When you’re protecting your applications and users, understanding the kinds of attacks bad actors may…
How to choose the right pentester for you
There are a variety of reasons your company might look to hire a penetration tester. For many companies, their first foray into penetration testing comes at the request of a…
Kubernetes security best practices
Christian Meléndez
There’s no doubt that Kubernetes adoption has increased a lot since its first release. But, as Ian Coldwater said in his talk about abusing the Kubernetes defaults: Kubernetes is insecure…
Top 10 security traps to avoid when migrating from a monolith to microservices
Your team is thinking about migrating from a monolithic architecture to microservices. You’re intrigued. The promises of additional scalability and more predictable deployments sound nice. You’ve also been down this…
Sqreen recently blocked a major ATO attack against ourselves. Here’s how we did it
Émile-Hugo
At Sqreen, our mission is to make security transparent and accessible to everyone. Part of that mission includes sharing what we learn about security and what happens if we get…
7 tips for strengthening your security posture around GDPR
Michiel Mulders
Security is an ongoing effort. It’s worth assessing your security situation from time to time, and as GDPR fines have started to land, it’s a good time to review your…
Top 10 security best practices for MongoDB
Casey Dunham
The world is becoming increasingly aware of the massive amounts of data floating around the internet. Not surprisingly, many people have concerns about this. These concerns have led to a lot…
Fixing a critical issue: a journey into Ruby web server startup sequences, part two
Loic
So where are we jumping into this story? This post is part two of our story on how we dove into Ruby web server startup sequences to fix a strange…
Fixing a critical issue: a journey into Ruby web server startup sequences, part one
Introduction In this post-mortem blog post we’ll explore the oft-neglected Rack’s design and Ruby web server startup sequence in depth through the lens of a surprising critical issue encountered by…