DEV Community

Security

Hopefully not just an afterthought!

Posts

The Who, the What, the Where, and How To Limit the Blast Radius

8
Comments
8 min read
Thinking Like a Hacker: Stealing Secrets with a Malicious GitHub Action

9
Comments 1
4 min read
How to set up "always encrypted" Rocket.Chat🚀 on Kubernetes

17
Comments
5 min read
Drawing conclusions from TON Hack Challenge

10
Comments 4
3 min read
Web-app security risks demonstrated

6
Comments
12 min read
Case of Study: Buffer Overflow and arbitrary code execution in C.

1
Comments
4 min read
How to create SBOMs in Java with Maven and Gradle

2
Comments
8 min read
Security in The Cloud: Encryption On AWS (Part 1: KMS)

3
Comments
8 min read
AWS Incident Response: How To Contain An EC2 Instance?

10
Comments
9 min read
The MSSP Guide to Red Hat

1
Comments
6 min read
Setup and Configuring AWS Gateway Load Balancer

6
Comments
3 min read
About OAuth 2.0

5
Comments
1 min read
Pwnagotchi, waveshare 2.13v3, pisugar 3

4
Comments 2
3 min read
The genesis and architecture of my CyberGordon project

4
Comments
6 min read
Using DNS as C2 Communication - Evasive Techniques (Part 3)

2
Comments
3 min read
Top Recon Tools

7
Comments 2
1 min read
Spring Actuator - Finding Actuators using Static Code Analysis - Part 2

1
Comments
10 min read
Introducing Nitrogen: Deploy Web Servers and Databases to AWS Nitro Enclaves

14
Comments
3 min read
Auth0 with Go - Gin backend with JWT middleware

7
Comments 1
5 min read
Sekurak MSHP CTF Summary - Part 1

2
Comments
3 min read
A different way of retrieving secrets in Lambda functions

36
Comments 1
5 min read
evalidate: secure eval() for python

2
Comments
1 min read
What Is Open-Source? A Simple Introduction

3
Comments
2 min read
1 minute Canaries

Comments
1 min read
Running an HTTP Server with AWS Nitro Enclaves

5
Comments 2
5 min read
Thinking Like a Hacker: AWS Keys in Private Repos

5
Comments
5 min read
Is your package.json safe?

9
Comments
2 min read
Share Securely

2
Comments
2 min read
Integrating Pangea Audit and Embargo APIs with RedwoodJS

2
Comments
13 min read
Build a Bitwise Permission System

53
Comments 20
3 min read
Cyber security - common vulnerabilities and their prevention methods which every aspiring developer should know about

2
Comments 1
6 min read
Are the numbers we generate truly random?

6
Comments 4
3 min read
Securing Your Secret Using AWS Systems Manager (Parameter Store)

1
Comments
3 min read
[PWN.02] Open Read Write

1
Comments
2 min read
Defender for DevOps on AzureDevOps

15
Comments 8
9 min read
Configure Bicep code scanning in GitHub with Microsoft Defender for DevOps

14
Comments 1
5 min read
What is an SMTP Server?

3
Comments
7 min read
[pwnable.kr] fd writeup

1
Comments
2 min read
Static Code Analysis using Semgrep App

4
Comments
3 min read
Using YubiKey resident keys for Git and SSH on macOS

14
Comments 3
4 min read
Next.js Authentication with Okta and NextAuth.js 4.0

5
Comments
8 min read
🪄 Grype jq tricks : csv for spreadsheets 📊

5
Comments 4
1 min read
Internal Security

12
Comments 3
7 min read
Reviewing CVE-2022-42889: The arbitrary code execution vulnerability in Apache Commons Text (Text4Shell)

Comments
2 min read
Secrets at the Command Line [cheat sheet included]

3
Comments
13 min read
An Ultimate Guide to Web Application Security

11
Comments
5 min read
Multi-tenant Security

5
Comments
4 min read
Table stakes for Detection Engineering

7
Comments
7 min read
Using Hashicorp Vault to Write/Read Secrets in Terraform KV1 Backend

Comments
1 min read
Why Passkeys are Better than Passwords

3
Comments
4 min read
AWS CodeWhisperer - Your ML powered Coding companion

8
Comments
5 min read
MS Defender 4 cloud: Devops security in Github environment

7
Comments 3
2 min read
How to sanitize (clean up) errors in Express to avoid leaking important information

5
Comments
6 min read
Quickly Build Secure Microservices in Python

16
Comments
8 min read
What is CORB?

10
Comments
3 min read
Setting up the correct permissions for cross-region replication of KMS-encrypted objects

2
Comments
5 min read
Improving Security of Nuxt 3

30
Comments 10
3 min read
How to use Java DTOs to stay secure

2
Comments
6 min read
Build a end to end DevSecOps pipeline for Nodejs project

1
Comments
3 min read
Getting started with AWS Multi-account approach

6
Comments 2
10 min read