Two weeks ago Sqreen was a proud Puma sponsor of EuRuKo the biggest Ruby conference in Europe. It brought together over 700 Ruby aficionados in Sofia, Bulgaria. Being present with a…
Security Today At Sqreen, we believe that security is not adapted to modern software development. Developers today have easy and powerful developer tools for almost everything. They can provision apps in 1 command…
What is Sqreen? Sqreen is an automated and continuous security solution for developers. It protects web applications with no source code modification or traffic redirection. Once deployed, the solution provides…
tl;dr This article describes a method of injecting arbitrary code in Node.js modules. It does not encourage unethical behavior. The chain used to include instances of modules can be tampered to…
TL; DR: v8.py PyMiniRacer brings a compiled V8 interpreter and a simple interface to the Python community: Our needs Sqreen needs a stable, performant and embeddable JavaScript solution for Python.…
Modern web browsers offer a lot of security features aimed at protecting your users from a wide variety of threats such as malware installed on their device, hackers listening to…
Today we are sharing a presentation that our CTO Jean-Baptiste Aviat did at the OWASP (Open Web Application Security Project) a couple of months ago. Hackers have several ways to…
While working on the sqreen.com Python agent, I discovered a rather nasty, but fun to analyse bug that lead me deep into Python internals. The nasty bug I was working…
TL; DR Content Security Policy (CSP) is an HTTP response header that restricts the browser to loading external assets such as scripts, styles or media from a wide variety of…
We fought on the security frontline at Apple for about ten years. Our mission was simple: to attack products using any means necessary and then work on the fixes with development…