Sqreen at EuRuKo 2016 – Europe’s largest Ruby Conference
Paul
Two weeks ago Sqreen was a proud Puma sponsor of EuRuKo the biggest Ruby conference in Europe. It brought together over 700 Ruby aficionados in Sofia, Bulgaria. Being present with a…
Sqreen in the finals of TechCrunch Startup Battlefield
Security Today At Sqreen, we believe that security is not adapted to modern software development. Developers today have easy and powerful developer tools for almost everything. They can provision apps in 1 command…
Announcing Node.JS + Python support and a new interface
What is Sqreen? Sqreen is an automated and continuous security solution for developers. It protects web applications with no source code modification or traffic redirection. Once deployed, the solution provides…
One easy way to inject malicious code in any Node.js application
Vladimir
tl;dr This article describes a method of injecting arbitrary code in Node.js modules. It does not encourage unethical behavior. The chain used to include instances of modules can be tampered to…
Embedding JavaScript into Python
Jb
TL; DR: v8.py PyMiniRacer brings a compiled V8 interpreter and a simple interface to the Python community: Our needs Sqreen needs a stable, performant and embeddable JavaScript solution for Python.…
7 HTTP headers to secure your app for the busy web developer
Alexander
Modern web browsers offer a lot of security features aimed at protecting your users from a wide variety of threats such as malware installed on their device, hackers listening to…
From the Archive: Application security from the inside [Presentation at OWASP]
Today we are sharing a presentation that our CTO Jean-Baptiste Aviat did at the OWASP (Open Web Application Security Project) a couple of months ago. Hackers have several ways to…
Freeze your Python with str.encode and threads
Boris
While working on the sqreen.com Python agent, I discovered a rather nasty, but fun to analyse bug that lead me deep into Python internals. The nasty bug I was working…
Integrating Content Security Policy into your Rails applications
TL; DR Content Security Policy (CSP) is an HTTP response header that restricts the browser to loading external assets such as scripts, styles or media from a wide variety of…
App Security – The painful invisible challenge that we love to hate
Pierre
We fought on the security frontline at Apple for about ten years. Our mission was simple: to attack products using any means necessary and then work on the fixes with development…