Security interview: Adam Baldwin on iterating security at npm
Josh
Recently, we sat down with Adam Baldwin, VP of Security at npm, to discuss his approach to security and what he’s learned as far as security goes throughout his career.…
SOC 2 compliance guide for startups
Carlos Schults
Security has always been a big concern for business organizations. Nowadays, it’s an even more significant concern, and it isn’t hard to understand why. The technology world changes at an…
What is a Content Security Policy (CSP) and why is it important?
Eric
Trust is the fundamental currency of the internet. You trust your service provider that they’ll continue to maintain your internet access. Your developers trust your architecture provider when they say…
What is chaos engineering and why does it matter?
The big day is finally here. That project your team has been working on for the last six months? It’s launching today. A little giddy with anticipation, the team monitors…
An overview of the CIS 20: a security foundation for your organization
One of the more common mistakes that I see organizations make on digital security is ignoring free resources that can help their business level up. This is rarely intentional. Instead,…
SIEM for startups: why should you care?
Mark Robinson
Security information and event management (SIEM) products came into the limelight during the early 2000s. They are widely regarded as something that only large enterprises need. While it’s true that…
Building a native add-on for Node.js in 2019
Vladimir
Okay, but first: why the hell would you build a native add-on for Node.js? The Node.js/JavaScript ecosystem is the most popular in the world with more than 1 million packages…
How to secure your Heroku application
Lou Bichard
I’m guessing you’re here because you’ve got an application up on Heroku, and you’re wondering what steps you need to take to keep it secure. If so, then awesome—you’re in…
What NIST recommends for cybersecurity and applications
Justin Reynolds
Cybersecurity is a growing concern for businesses of all sizes and industries—and for good reason. As cybersecurity threats and attacks increase each year and more businesses move into software, the…
The most common types of ATO attacks
As a security owner, you need to protect your users against a wide variety of attacks. Many engineers spend a great deal of time focusing on big-picture attacks. They want…