DEV Community

Security

Hopefully not just an afterthought!

Posts

How to Handle AWS Secrets

1
Comments
6 min read
A web security story from 2008: silently securing JSON.parse

7
Comments 1
5 min read
Notes from competing in my first CTF

32
Comments 4
4 min read
Security sinks in Ruby on Rails Part 1 - XSS

1
Comments
2 min read
Understanding the nature of XSS

Comments
6 min read
Enhance Server Security: Configuring SSH to Listen on a Non-Default Port and Enabling Public-Key Authentication

2
Comments
4 min read
Asymmetric Cryptography with Golang

21
Comments
3 min read
Guide to Face Detection and Recognition Software Development

7
Comments 1
15 min read
Store JWT Token with Coroutines

22
Comments
2 min read
#Angular Adventure: Mastering Secure Local Storage in Angular with Crypto-js

5
Comments 8
4 min read
How to Get Started with Bug Bounty?

3
Comments
6 min read
You put what in a public subnet‽

6
Comments
5 min read
"Building Secure and Reliable Systems": How Google's Approach to Security and Reliability Can Benefit Your Organization

1
Comments
3 min read
Decrypt & Validate JWE Tokens with Spring Security

11
Comments 1
5 min read
Coding a Port Scanner with Python

6
Comments
3 min read
Filter PNGs for Acropalypse using Compute@Edge

6
Comments
6 min read
Step by step: How to improve the security of your frontend application using AWS Secret Manager, an example with VueJs

4
Comments 1
11 min read
IAM policies and Service Control Policies (SCPs): How to master and secure access and permissions in an AWS Landing Zone

1
Comments
10 min read
What if I were to tell you that a VPN is no longer useful

1
Comments
11 min read
The Importance of Security Operations Center (SOC)

5
Comments
8 min read
Three Ways to Secure Database APIs: Which Is Right for You?

6
Comments
6 min read
The Web3 Security Guide: Protecting Your Digital Assets in a Decentralized World

72
Comments 18
3 min read
The journey to join the offensive security highs (part 1)

8
Comments
4 min read
Credentials substitution at runtime in Python

1
Comments
2 min read
Secure Terraform - Part 3 - terrascan

Comments
4 min read
Boosting Greenplum security

7
Comments
2 min read
Demystifying GraphQL Security: A Comprehensive Guide to Introspection

23
Comments
5 min read
SPF, DKIM and DMARC

1
Comments
3 min read
Validate an OpenID Connect JWT using a public key in JWKS

28
Comments 1
4 min read
Running a Docker Container with a Custom Non-Root User: Syncing Host and Container Permissions

92
Comments 4
4 min read
The Old Faithful: Why SSM Parameter Store still reigns over Secrets Manager

4
Comments
7 min read
Backing Up App Profiles

Comments
2 min read
Veracode + Windows: Configuring credentials, Wrapper and Pipeline Scan

1
Comments
2 min read
Let’s scan DEV’s forem project with Bearer and analyze the results

14
Comments
7 min read
How to use Burp Suite through a socks5 proxy with proxychains and chisel

19
Comments 1
4 min read
How use Access Control Rules and GRUD in Laravel 11 (Tutorial step by step)

20
Comments
16 min read
Developing a security mindset: Tips for software engineers

1
Comments
3 min read
Hacking AWS Account via AWS Lambda SSRF

8
Comments
3 min read
How to Use Chrome Browser Proxy Settings

1
Comments
6 min read
Breaking and building encryption in NFC digital wallets 📳

4
Comments
2 min read
Why you should choose AWS when migrating to the cloud

1
Comments
4 min read
SecOps - The Most Important Thing No One Does Well Enough.

Comments
6 min read
How to scan your ruby or JS project for security improvements, for free.

2
Comments
3 min read
Over 150,000 .NET Developers Hit by Harmful NuGet Packages

26
Comments 1
5 min read
Hack The Box Writeup: Shoppy

1
Comments
22 min read
A Beginner's Guide to AWS Identity and Access Management (IAM)

10
Comments 1
4 min read
How to use Kubernetes Secret to pull private Docker Images from DockerHub

4
Comments
2 min read
Spring Cloud Gateway Combined with the Security Practice of OAuth2.0 Protocol

13
Comments 2
13 min read
API Security Best Practices

1
Comments
4 min read
The State of Public APIs 2023

32
Comments 3
2 min read
How to Think About Software Supply Chain Security - Part 1

1
Comments 1
3 min read
mTLS everywhere!

34
Comments
11 min read
Protect Your Express.js App from XSS Attacks

2
Comments
2 min read
Guarding Your AWS Credentials: Identifying Compromises and Mitigating Damage

3
Comments
3 min read
Secure Terraform - Part 4 - checkov

Comments
4 min read
Authentication: Token Based Auth vs. Session Based Auth

2
Comments 2
6 min read
QuillCTF: 9. WETH10

1
Comments
3 min read
QuillCTF: 8. Pelusa

Comments
5 min read
SBOM Explained: 📚 An Enterprise Guide to Security Risk Management

41
Comments
4 min read
Converting string to enum at the cost of 50 GB: CVE-2020-36620

14
Comments 6
6 min read