Security Training Has a Place in a Secure SDLC

The software development life cycle (SDLC) is a common sight for those who work on software projects. Whether you’re a developer or a security engineer or even a project manager or QA tester, you know all of the pieces by heart. You begin by creating requirements so you know what ...
Improper Access Control In Django: What It Looks Like and How To Fix It

Improper access control is a basic web application vulnerability that still leads to compromises. Small oversights or simply not thinking things through can lead to big problems, such as account takeover or sensitive data being stolen. Let’s take a look at what improper access control looks like in a Django ...
5 Reasons Your App is Insecure

I’ll let you in on a little secret. Most hacks are boring. They aren’t the crazy, complicated “Ocean’s Eleven” style plan within a plan hacks you might see on TV or in the movies. To most people, actually hacking a website would be pretty boring. There are pieces of software ...
3 Jobs Other than Developers That Need to Know Application Security

Who is responsible for software security? This question has been asked by many in the industry. It’s asked because when major software vulnerabilities lead to data breaches or major problems, some may want to know who to blame. Others want to know how to prevent such mistakes in the future ...
Argon2 in NodeJS  Zero to Hashing in Under 10 Minutes

Zero to Hashing in under 10 Minutes: Argon2 in Nodejs

View a screencast walkthrough of the material in this post. Those who work with the Agile methodology expect change. The security field is no different. It’s hard for developers to keep up with all of the changes in application security practices. In fact, it’s sometimes difficult for security experts to ...
How Do You Encourage Developers to Be Passionate about Security? Give Them Some Grit

Most security teams and security executives want developers to care about application security. This is not to say that developers don’t care about security. Such a sweeping generalization is simply not appropriate. There are developers who care. Still, what organizations want most is to increase the number of developers that ...
Use Golang? These Mistakes Could Compromise Your App’s Security

The Go Programming Language, sometimes referred to as Golang, is Google’s new programming language. It was released in 2009 and has developed a growing fanbase of developers. The TIOBE index, which measures the popularity of programming languages at any given time, has shown steady growth in popularity for Go since ...