Interview Banner - Blog Post

Security leader interview: Adam Surak on approaching security at Algolia

May 15, 2019

by Josh

How we built V8 natively on ARM

May 9, 2019

by Émile-Hugo

Building a dynamic instrumentation agent for PHP

April 29, 2019

by Jb

How to debug memory leaks in a Node.js application on Heroku

April 18, 2019

by Vladimir

A new security plugin for Wordpress

Introducing a new plugin for making your WordPress more secure

April 11, 2019

by Maurice

ASM

Introducing Application Security Management (and our new funding round!)

April 2, 2019

by Pierre

Fully leverage your pentest

How to fully leverage your pentest

March 28, 2019

by Jb

state of saas security

Security analysis of the top 1000 SaaS companies: we still have a long way to go

March 20, 2019

by Josh

8 security best practices for SaaS startup CTOs

March 13, 2019

by Jb

Single-page applications need better auditing

March 5, 2019

by Vladimir

From Ruby to Python

How I switched from Ruby to Python

January 30, 2019

by Benoit

Radix Trees Demystified

How Radix trees made blocking IPs 5000 times faster

January 15, 2019

by Émile-Hugo

PyParis 2018

December 6, 2018

by Janis

Jira conversation

Giving a voice to Jira

December 3, 2018

by Oscar Baracos

Streaming data with Amazon Kinesis

Streaming data with Amazon Kinesis

September 10, 2018

by Bartosz Telenczuk

WebAssembly Performance Benchmark

WebAssembly vs. the world. Should you use WebAssembly?

August 21, 2018

by Vladimir

ESLint backdoor

ESLint backdoor: revoke all the tokens

July 12, 2018

by Vladimir

Equifax CVE

In code we Struts: in-depth review of a Java vulnerability for developers

June 14, 2018

by Sylvain

Buffer under-read in Ruby

An in-depth look at CVE-2018-8778 or why integer overflows are still a thing!

March 30, 2018

by Benoit

Y Combinator

It’s time for transparent security

March 23, 2018

by Pierre

Reflected XSS explained: how to prevent reflected XSS in your app

March 8, 2018

by Jb

asyncio logo python

Context information storage for asyncio

February 26, 2018

by Vivien

Scaling CSS

CSS best practices for fast-growing SaaS startups

February 2, 2018

by FX

bad bots protection

Bad bots are eating the world. But developers will save us all

January 27, 2018

by Paul

Crypto Exchanges Security

Security analysis of the most popular cryptocurrency exchanges

January 25, 2018

by Paul

Authentication in Vue.js

Authentication Best Practices for Vue

January 18, 2018

by Thibaud

security.txt for Ruby

Security.txt toolbox for your Ruby app

January 18, 2018

by Benoit

ICO Security

In ICO, the S stands for Security

January 11, 2018

by Jb

Command Injection in Ruby

Protecting against the command injection vulnerability in Net::FTP

December 19, 2017

by Paul

Securing Static Websites

Security for Static Websites

December 19, 2017

by Don Goodman-Wilson

SPA protection

Single Page Applications and static websites also deserve some security

December 12, 2017

by Arnaud Breton

Monitoring the performance of a Node.js web application

November 21, 2017

by Vladimir

Sqreen’s got a new logo, what?

November 13, 2017

by Don Goodman-Wilson

state of node.js security

State of Node.js Security 2017

November 9, 2017

by Don Goodman-Wilson

SAST vs. DAST vs. RASP

SAST, DAST, and RASP: A guide to the new security alphabet soup

October 11, 2017

by Don Goodman-Wilson

Poison Packages in Python

September 18, 2017

by Don Goodman-Wilson

detect and block bad bots

Detecting and blocking bad bots

August 31, 2017

by Matthew

Interview Banner - Blog Post

Interview: Ricardo Félix – Scaling DevOps at Uniplaces

August 8, 2017

by Paul

Using the Sqreen Agent without PII

August 3, 2017

by Don Goodman-Wilson

SecDevOps Banner

What is SecDevOps and why should you care?

July 19, 2017

by Matthew

XSS Cross-Site Scripting Slim Ruby

Discovering a Cross Site Scripting (XSS) vulnerability in Slim

July 12, 2017

by Benoit

Docker Security - Container Security

Docker Security Best Practices

June 22, 2017

by Matthew

Content Security Policy has never been simpler

June 21, 2017

by Paul

XSS in Vue JS

XSS in Vue.js

June 7, 2017

by Thibaud

JavaScript engine performance benchmark for Node.js

Picking the best JS engine for your Node app’s performance

June 5, 2017

by Vladimir

Heroku Security Add-on - Sqreen

Heroku Security Add-on: Protect your app from attackers

June 1, 2017

by Paul

Security API for developers

The Sqreen API: A New Security Tool for Developers

May 10, 2017

by Don Goodman-Wilson

Spark on Amazon EMR

A journey to Amazon EMR (and Spark)

May 3, 2017

by Christophe

Code Vulnerabilities and SQL Injections in Ruby on Rails

Preventing SQL injections in Ruby (and other vulnerabilities)

April 14, 2017

by Chris Chinchilla

SQL injection icon

Block SQL injections, not your customers

April 11, 2017

by Jb

OpenDoor SaaS Security

How safe are SaaS products?

April 6, 2017

by Pierre

Improve Node.js App Performance

Optimize your Node app by simply upgrading Node.js

March 30, 2017

by Vladimir

where is hacker - detecting hackers in your app

Detecting human hackers in your app with Sqreen

March 28, 2017

by Paul

Securing Legacy Applications

Securing Legacy Applications

March 23, 2017

by Matthew

Python Logo on Blue Background

Stop using pycrypto. Use pycryptodome instead

March 23, 2017

by Paul

Security for developers

Getting Developers to Care More About Security

March 17, 2017

by Matthew

Cyber Attack Surface for web application security

When users put your app at risk. The attack surface iceberg

March 16, 2017

by Pierre

Best Practices for Secure Applications

10 Best Practices to Build Secure Applications

March 14, 2017

by Matthew

Interview Banner - Blog Post

Interview: Claudiu Popa – Using Pylint for Python Static Analysis

March 10, 2017

by Paul

Dynamic Instrumentation in Node.js

Behind the Scenes: Building a Dynamic Instrumentation Agent for Node.js

March 9, 2017

by Vladimir

Cybersecurity Risk Assessment for Startup CTO

Cybersecurity Risk Assessment for Startup CTOs

March 6, 2017

by François Menet

Preventing SQL injections in Python (and other vulnerabilities)

February 28, 2017

by Chris Chinchilla

Cloudbleed Logo

Anatomy of Cloudflare’s CloudBleed: what you need to know and fix

February 24, 2017

by Jb

essential steps for application protection

4 Essential Steps to Protect Web Applications

February 21, 2017

by Matthew

OWASP top 10 vulnerabilities cheat sheet for CTOs

OWASP Top 10 Cheat Sheet

February 16, 2017

by Matthew

How to build, test and deploy React Applications in 2017

How to build, test and deploy React Applications

February 2, 2017

by Mohamed

Dynamic Instrumentation Agent for Python

Behind the Scenes: Building a Dynamic Instrumentation Agent for Python

January 24, 2017

by Boris

Application Security Resolutions

Web application security: check one of your 2018 resolutions today

January 19, 2017

by Pierre

Pyramid Framework support in Sqreen's security solution for Python

Pyramid Security: announcing our Pyramid framework support for Python

January 17, 2017

by Boris

How to avoid NoSQL injections in MongoDB in a Node.js app

How to prevent NoSQL injections in MongoDB in a Node.js app

January 12, 2017

by Vladimir

Dynamic Instrumentation in Ruby

Behind the Scenes: Building a Dynamic Instrumentation Agent for Ruby

January 11, 2017

by Jb

Security in review banner

Security In 2016 – The Year In Review

January 9, 2017

by Matthew

NoSQL injections in Node.js with MongoDB

MongoDB will not prevent NoSQL injections in your Node.js app

December 15, 2016

by Vladimir

Monitor your application security in New Relic Insights

December 9, 2016

by Boris

Why Web Application Firewalls Fail to protect web applications

Why Web Application Firewalls fail to protect web applications

November 23, 2016

by Matthew

Tor Node.js Banner

Identify Tor connections in Node.js with Tor-test

November 15, 2016

by Vladimir

continuous integration CI

How To Choose Your CI Tool

November 4, 2016

by Matthew

Tor – the good, the bad, and the ugly

November 3, 2016

by Christophe

The SaaS CTO Security Checklist

October 25, 2016

by Paul

Rails Vulnerabilities

The two most common vulnerabilities in Rails (with code)

October 10, 2016

by Benoit

Sqreen at EuRuKo 2016 – Europe’s largest Ruby Conference

October 6, 2016

by Paul

Sqreen in the finals of TechCrunch Startup Battlefield

September 27, 2016

by Paul

Announcing Node.JS + Python support and a new interface

September 16, 2016

by Paul

Malicious Code Injections in Node.js

One easy way to inject malicious code in any Node.js application

August 22, 2016

by Vladimir

Embedding JavaScript into Python

August 2, 2016

by Jb

Myheaders.sqreen.com

7 HTTP headers to secure your app for the busy web developer

July 28, 2016

by Alexander

From the Archive: Application security from the inside [Presentation at OWASP]

July 25, 2016

by Jb

frozen python

Freeze your Python with str.encode and threads

July 12, 2016

by Boris

Content Security Policy CSP

Integrating Content Security Policy into your Rails applications

July 11, 2016

by Jb

App Security Illustration

App Security – The painful invisible challenge that we love to hate

July 8, 2016

by Pierre

Tune your App Performance (and get fit for summer)

July 8, 2016

by Jb

Ruby on Rails Security in your Continuous Integration

July 7, 2016

by Jb

Developers Vs. Security

The usual (git) flow of Developers Vs. Security

July 7, 2016

by Pierre