How safe are SaaS products?
Pierre
SaaS is cool. You get up and running quickly, and get tremendous new capabilities in just a few clicks. Dozens of SaaS products have become popular, and new solutions are…
Browsing Category
Security
136 posts
Detecting human hackers in your app with Sqreen
Paul
If you’re a developer, a CTO or a DevOps, how can you identify attackers in your user base before they exploit a vulnerability in your application? As soon as you…
Securing Legacy Applications
Matthew
Legacy applications. If there’s one thing that developers agree on, it’s that they don’t want to work on them. If not that, it’s that they’re often, by default, assumed to…
Stop using pycrypto. Use pycryptodome instead
As we are still seeing a lot of applications depending on the Python Cryptography Toolkit (aka pycrypto) to manage their cryptography, this is a quick reminder to stop using it. The vulnerability…
Getting Developers to Care More About Security
Security, it’s a topic that’s become near and dear to my heart as a software developer. But that doesn’t mean that every developer shares my perspective. What’s more, we’re a…
When users put your app at risk. The attack surface iceberg
Introduction Web applications handle a lot of user accounts and data today. This is especially true for B2C products, but self-service SaaS applications also deal with thousands of user accounts.…
Cybersecurity Risk Assessment for Startup CTOs
François Menet
Introduction: more than tinfoil hats Congratulations! If you’re reading this, you are part of the lucky few that understand they need to care about cybersecurity risk management. You would think…
Anatomy of Cloudflare’s CloudBleed: what you need to know and fix
Jb
TL;DR This post gathers what you need to know, and what you need to do, if you use CloudFlare, or if you personally used a website using CloudFlare. CloudFlare is…
4 Essential Steps to Protect Web Applications
In our last article on OWASP Top 10 cheat sheet for startup CTOs we discussed the anatomy of application vulnerabilities and saw how CTOs can secure their applications against the OWASP top 10.…
Web application security: check one of your 2018 resolutions today
2017 is off to a great start and like most engineers, your list of new year’s resolutions probably contains: Improve your code coverage Clean your technical debt Improve your regression…