Sqreen’s architecture through the ages: part three
Benoit
Welcome to part three of the Sqreen architecture through the ages series. In case you missed it, here is part one, and here is part two. In this third and…
Sqreen’s architecture through the ages: part two
Welcome back to part two of our series on Sqreen’s architecture through the ages. Part one covered Sqreen’s history pre-customers up to the point where we first started supporting our…
Sqreen’s architecture through the ages: part one
Sqreen’s architecture has evolved a lot over the years. As one of the main protagonists in all these changes, I’m often asked about the previous steps we took and the…
How I switched from Ruby to Python
This article is a personal experience shared by Benoit, Sqreen’s first engineer who worked on the Ruby agent and on the Python backend. Ruby, a love story Back in 2008…
An in-depth look at CVE-2018-8778 or why integer overflows are still a thing!
A new exciting vulnerability (yes sorry, we easily get excited about these things 😜) has been released in Ruby. CVE-2018-8778 is a Buffer under-read that is triggered by String#unpack. Kudos…
Security.txt toolbox for your Ruby app
What is security.txt? Security is all about tradeoffs. We all know we should be doing something about it in our application, yet, so few of us do. Strangely enough one…
Discovering a Cross Site Scripting (XSS) vulnerability in Slim
What is Slim? Slim is a templating engine for the Ruby ecosystem. It is a domain-specific language (DSL) that is meant to ease the burden of writing HTML views for…
The two most common vulnerabilities in Rails (with code)
Ruby on Rails is one of the most popular frameworks used to create web applications. It’s very easy to start using it; it shines to do any kind of non-trivial…