DEV Community

Security

Hopefully not just an afterthought!

Posts

👋 Sign in for the ability to sort posts by relevant, latest, or top.
Authorization and Authentication For Everyone

Authorization and Authentication For Everyone

489
Comments 25
15 min read
Using the Snyk API with Python

Using the Snyk API with Python

8
Comments 1
2 min read
TL;DR: DNS Cache Poisioning;

TL;DR: DNS Cache Poisioning;

3
Comments
1 min read
How to secure websites against vulnerabilities (Backend and Frontend)

How to secure websites against vulnerabilities (Backend and Frontend)

7
Comments
5 min read
Input Validation: Client-side or Server-side?

Input Validation: Client-side or Server-side?

68
Comments 51
1 min read
How to encrypt database fields transparently for your app using Acra and DigitalOcean managed PostgreSQL

How to encrypt database fields transparently for your app using Acra and DigitalOcean managed PostgreSQL

8
Comments 3
11 min read
How do you manage passwords?

How do you manage passwords?

26
Comments 42
1 min read
Security news weekly round-up - 7th August 2020

Security news weekly round-up - 7th August 2020

5
Comments
5 min read
How to Properly Leverage Elasticsearch and User Behavior Analytics for API Security

How to Properly Leverage Elasticsearch and User Behavior Analytics for API Security

9
Comments
6 min read
Fine-grained Decentralized Cloud Access with Macaroons: Pt. 2, Use Cases

Fine-grained Decentralized Cloud Access with Macaroons: Pt. 2, Use Cases

2
Comments
7 min read
Compliance of data solutions based on InterSystems technology with GDPR (Europe), CCPA (California) and LGPD (Brazil)

Compliance of data solutions based on InterSystems technology with GDPR (Europe), CCPA (California) and LGPD (Brazil)

3
Comments
6 min read
How to use SSL in PostgreSQL The Right Way: Encrypt Your Data in Transit

How to use SSL in PostgreSQL The Right Way: Encrypt Your Data in Transit

5
Comments
1 min read
[DevSecOps] #3 Prometheus,Grafanaを使用したサーバ監視基盤の構築手順

[DevSecOps] #3 Prometheus,Grafanaを使用したサーバ監視基盤の構築手順

6
Comments
3 min read
[DevSecOps] #4 Prometheus + MongoDB監視導入手順

[DevSecOps] #4 Prometheus + MongoDB監視導入手順

5
Comments
2 min read
OAuth 2.0 - Before You Start: Pick the Right Flow for Your Website, SPA, Mobile App, TV App, and CLI

OAuth 2.0 - Before You Start: Pick the Right Flow for Your Website, SPA, Mobile App, TV App, and CLI

67
Comments
8 min read
[DevSecOps] #2 まず見える化する

[DevSecOps] #2 まず見える化する

5
Comments
1 min read
[DevSecOps] #1 ビジネスを加速する文化的処方箋

[DevSecOps] #1 ビジネスを加速する文化的処方箋

4
Comments
1 min read
YANMSS (Yet Another New Mac Setup Script)!

YANMSS (Yet Another New Mac Setup Script)!

7
Comments
4 min read
Automatically upgrade security vulnerabilities with this Yarn audit fix alternative

Automatically upgrade security vulnerabilities with this Yarn audit fix alternative

6
Comments 1
2 min read
3 Open Source Security Risks and How to Address Them: What You Need to Know

3 Open Source Security Risks and How to Address Them: What You Need to Know

11
Comments 2
7 min read
HMAC and MACs – The Inner Workings of JWTs

HMAC and MACs – The Inner Workings of JWTs

7
Comments
4 min read
We Can’t Talk About Privacy Without Developers

We Can’t Talk About Privacy Without Developers

7
Comments 2
10 min read
Weird Unicode Behaviors

Weird Unicode Behaviors

7
Comments
2 min read
Lodash: Understanding the recent vulnerability and how we can rally behind packages

Lodash: Understanding the recent vulnerability and how we can rally behind packages

11
Comments
8 min read
PHP and Composer lovers, this if for you

PHP and Composer lovers, this if for you

5
Comments
1 min read
Outsource Application Security: Should You Consider It?

Outsource Application Security: Should You Consider It?

6
Comments 1
4 min read
A Brief Introduction to Securing Applications with JWT

A Brief Introduction to Securing Applications with JWT

48
Comments 6
7 min read
Splunk: AWS CloudWatch Log Ingestion - Part 2 - Splunk Add-On for AWS

Splunk: AWS CloudWatch Log Ingestion - Part 2 - Splunk Add-On for AWS

5
Comments
10 min read
The EU Court of Justice invalidated the EU-US Data Protection Shield decision. Why is this important?

The EU Court of Justice invalidated the EU-US Data Protection Shield decision. Why is this important?

6
Comments 2
2 min read
How to encrypt strings & files in your source code?

How to encrypt strings & files in your source code?

142
Comments 16
5 min read
Deep Dive into Container Security Scanning

Deep Dive into Container Security Scanning

1
Comments
1 min read
Why Twitter’s Hack Isn’t About Twitter or Bitcoin: It’s About Our Identity on the Internet

Why Twitter’s Hack Isn’t About Twitter or Bitcoin: It’s About Our Identity on the Internet

6
Comments
4 min read
Pwnd Password Checking on the Edge

Pwnd Password Checking on the Edge

7
Comments
6 min read
CTF.live - Secret in Claim

CTF.live - Secret in Claim

2
Comments
3 min read
Dica Rápida: Protegendo senhas com BCrypt.Net

Dica Rápida: Protegendo senhas com BCrypt.Net

29
Comments 2
3 min read
The minimal server setup guide.

The minimal server setup guide.

30
Comments 1
2 min read
How do you talk about digital security with your friends and family?

How do you talk about digital security with your friends and family?

24
Comments 12
1 min read
Splunk: AWS CloudWatch Log Ingestion - Part 1 - Introduction & Setup

Splunk: AWS CloudWatch Log Ingestion - Part 1 - Introduction & Setup

4
Comments
3 min read
Best Practices for Onboarding Security & Compliance Scanning Tools

Best Practices for Onboarding Security & Compliance Scanning Tools

9
Comments
4 min read
Live Exploiting Your Open Source Dependencies with Brian Vermeer 17:46

Live Exploiting Your Open Source Dependencies with Brian Vermeer

67
Comments 39
1 min read
Network Scanning with Scapy in Python

Network Scanning with Scapy in Python

39
Comments
6 min read
Building a secure GraphQL app in minutes with Hasura

Building a secure GraphQL app in minutes with Hasura

101
Comments 7
7 min read
Give your API More Security Layer

Give your API More Security Layer

8
Comments
3 min read
Testing the API waters with FeatherHTTP and Microsoft.Identity.Web

Testing the API waters with FeatherHTTP and Microsoft.Identity.Web

13
Comments
6 min read
How to deal with Linux file and directory permission

How to deal with Linux file and directory permission

10
Comments
31 min read
Segurança da informação

Segurança da informação

4
Comments
5 min read
Security news weekly round-up - 31st July 2020

Security news weekly round-up - 31st July 2020

2
Comments
3 min read
Securing Your Terraform Pipelines with Conftest, Regula, and OPA

Securing Your Terraform Pipelines with Conftest, Regula, and OPA

21
Comments 1
5 min read
WebRTC - The technology that powers Google Meet/Hangout, Facebook Messenger and Discord

WebRTC - The technology that powers Google Meet/Hangout, Facebook Messenger and Discord

132
Comments 10
8 min read
Webapp pre-launch checklist?

Webapp pre-launch checklist?

17
Comments 5
1 min read
JFrog Xray & Microsoft Teams

JFrog Xray & Microsoft Teams

3
Comments
2 min read
NodeSecure PDF Report

NodeSecure PDF Report

9
Comments
3 min read
How do browsers make websites?

How do browsers make websites?

10
Comments
6 min read
Reflected XSS attack on localStorage

Reflected XSS attack on localStorage

11
Comments 1
3 min read
The Ten Commandments of Container Security

The Ten Commandments of Container Security

6
Comments
7 min read
Sensitive data encryption in Rails

Sensitive data encryption in Rails

32
Comments 8
3 min read
5 thoughts from the DevTalks conference

5 thoughts from the DevTalks conference

4
Comments
3 min read
Difference Between Digital Signature and Digital Certificate

Difference Between Digital Signature and Digital Certificate

2
Comments
4 min read
🔑 OAuth 2.0 flows explained in GIFs

🔑 OAuth 2.0 flows explained in GIFs

278
Comments 15
7 min read
Least privilege with less effort: Macaroon access tokens for OAuth

Least privilege with less effort: Macaroon access tokens for OAuth

3
Comments
8 min read
loading...