Legacy applications. If there’s one thing that developers agree on, it’s that they don’t want to work on them. If not that, it’s that they’re often, by default, assumed to…
As we still see many applications depending on the Python Cryptography Toolkit (aka pycrypto), an unmaintained library, for their cryptography, this is a quick reminder to stop using it. The vulnerability…
Security is a topic that has become near and dear to my heart as a software developer. But that doesn't mean that every developer shares my perspective. What's more, we're a…
Introduction Web applications handle a lot of user accounts and data today. This is especially true for B2C products, but self-service SaaS applications also deal with thousands of user accounts.…
TL;DR This post gathers what you need to know, and what you need to do, if you use CloudFlare, or if you personally used a website using CloudFlare. CloudFlare is…
In our last article, the OWASP Top 10 cheat sheet for startup CTOs, we discussed the anatomy of application vulnerabilities and saw how CTOs can secure their applications against the OWASP Top 10…
Last updated: December 2020. The follow-up on how to prevent NoSQL injection in MongoDB from a Node.js app can be found here. TL;DR – Mongo and Node.js are not safe…
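The injection the teaser above refers to is operator injection: when a Node.js handler drops a JSON-parsed request body straight into a MongoDB filter, an attacker can send an object such as `{"$gt": ""}` instead of a string and turn an equality match into a "matches anything" condition. The following is an added example, not code from the original post; it assumes an Express-style app where `req.body` is already parsed JSON, and the function names, the `body` objects and the `containsOperator` helper are constructed for illustration. It contrasts the vulnerable filter construction with two defences: enforcing scalar types (preferred) and stripping `$`-prefixed keys.

```javascript
// Added example (not from the original post). Shows MongoDB operator injection
// in a Node.js login handler and two ways to harden it. Assumes `body` is a
// JSON-parsed request body (e.g. from express.json()), so values may be objects.

// VULNERABLE: attacker-controlled values become part of the query filter.
// Body {"username":"admin","password":{"$gt":""}} yields a filter that matches
// the admin document regardless of the stored password.
function buildLoginFilterVulnerable(body) {
  return { username: body.username, password: body.password };
}

// Defence 1 (preferred): fields that must be strings are checked to be strings.
// Any object, array, number or missing value is rejected before a query is built.
function requireString(value, name) {
  if (typeof value !== 'string') {
    throw new TypeError(`${name} must be a string`);
  }
  return value;
}

function buildLoginFilterSafe(body) {
  return {
    username: requireString(body.username, 'username'),
    password: requireString(body.password, 'password'),
  };
}

// Defence 2 (what sanitising middleware does): recursively drop keys that start
// with '$' so no query operator can be smuggled in. This is a fallback for
// inputs that are legitimately objects; it does not replace schema validation.
function stripOperators(value) {
  if (Array.isArray(value)) return value.map(stripOperators);
  if (value === null || typeof value !== 'object') return value;
  const clean = {};
  for (const [key, inner] of Object.entries(value)) {
    if (!key.startsWith('$')) clean[key] = stripOperators(inner);
  }
  return clean;
}

function buildLoginFilterSanitized(body) {
  const clean = stripOperators(body);
  return { username: clean.username, password: clean.password };
}

// Helper used only to inspect a filter: does it contain a MongoDB operator key?
function containsOperator(value) {
  if (Array.isArray(value)) return value.some(containsOperator);
  if (value === null || typeof value !== 'object') return false;
  return Object.entries(value).some(
    ([key, inner]) => key.startsWith('$') || containsOperator(inner)
  );
}

// Constructed request bodies: one attacker payload, one normal login.
const injectedBody = JSON.parse('{"username":"admin","password":{"$gt":""}}');
const honestBody = JSON.parse('{"username":"admin","password":"hunter2"}');

// Returns a summary of how each builder treats the injected body, so the
// three behaviours can be compared in one place.
function compareBuilders(body) {
  const result = {
    vulnerableHasOperator: containsOperator(buildLoginFilterVulnerable(body)),
    sanitizedHasOperator: containsOperator(buildLoginFilterSanitized(body)),
    safeRejected: false,
  };
  try {
    buildLoginFilterSafe(body);
  } catch (e) {
    result.safeRejected = e instanceof TypeError;
  }
  return result;
}

console.log('injected:', compareBuilders(injectedBody));
console.log('honest:  ', compareBuilders(honestBody));
```

Note that after `stripOperators` the injected password becomes an empty object `{}`, which is still not a valid credential; the type check is the defence that actually keeps the query's meaning intact, which is why the sanitiser is best used as a second layer behind schema validation. Also, comparing passwords inside a database filter at all is a smell independent of injection: credentials should be looked up by username and verified against a stored hash in application code.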
If there’s one constant in the modern era, besides the near-ubiquity of technology — or perhaps because of it — it’s security. Actually, it’s security breaches. In the last 12…