Building secure applications: Top 10 application security best practices
Matthew
Last updated in April, 2021 Recently, here on the blog, I’ve been talking about security and secure applications quite a bit. It’s both a fascinating topic as well as an…
Browsing Tag
Security
29 posts
Preventing SQL injections in Ruby (and other vulnerabilities)
Chris Chinchilla
This post’s topic is very straightforward: SQL injection, Ruby flavored. More specifically, how you can protect your Ruby application against SQL injections—and other common security threats. Ruby is a wonderful…
Preventing SQL injections in Python (and other vulnerabilities)
Python is a wonderful language, ideal for beginners, and easy to scale up from starter projects to complex applications for data processing and serving dynamic web pages. But as you…
OWASP Top 10 Cheat Sheet
In recent times, hacks seem to be increasingly prevalent, not to mention severe. What’s more, it doesn’t matter whether you’re a small player or a big name corporation such as…
Security analysis of the top 1000 SaaS companies: we still have a long way to go
Josh
SaaS has become the de facto standard for most B2B tools and B2C applications. As a result, more and more personal and business-critical data is entrusted to third parties who…
ESLint backdoor: revoke all the tokens
Vladimir
Tl;dr [EDIT 2018-07-16] The official ESLint post-mortem has been released. NPM already revoked all tokens at once so you probably don’t need to do this yourself. A backdoor was introduced…
An in-depth look at CVE-2018-8778 or why integer overflows are still a thing!
Benoit
A new exciting vulnerability (yes sorry, we easily get excited about these things 😜) has been released in Ruby. CVE-2018-8778 is a Buffer under-read that is triggered by String#unpack. Kudos…
Security analysis of the most popular cryptocurrency exchanges
Paul
So you’ve finally decided to buy some Bitcoin, Ethereum or any other coin that’s all the rage these days? At Sqreen, we’re not so much interested in the cryptocurrency craze,…
In ICO, the S stands for Security
Jb
ICOs are all the rage these days. You have ICOs raising millions in seconds, and others losing millions in seconds. Coming from a security background, I wondered if these ICOs…
State of Node.js Security 2017
Don Goodman-Wilson
A wake-up call It will be hard to escape 2017 without a new-found respect for the importance of application security. The Equifax breach, resulting from an exploit of a well-known…