DEV Community

Security

Hopefully not just an afterthought!

Posts

👋 Sign in for the ability to sort posts by relevant, latest, or top.
Why you shouldn't expose your incrementing IDs

Why you shouldn't expose your incrementing IDs

9
Comments
3 min read
Building a secure network in AWS (PART 1)

Building a secure network in AWS (PART 1)

6
Comments
5 min read
Tips for working with private files in laravel

Tips for working with private files in laravel

35
Comments 6
3 min read
Same Origin Policy: Demystified

Same Origin Policy: Demystified

29
Comments 1
12 min read
Force Enable AWS MFA And Using Temp Credential

Force Enable AWS MFA And Using Temp Credential

9
Comments 2
4 min read
HSTS Header (Strict Transport Security) Explained

HSTS Header (Strict Transport Security) Explained

8
Comments 5
6 min read
Basic security best-practices for your web app & server

Basic security best-practices for your web app & server

3
Comments
3 min read
Ultimate guide to HTTP Strict Transport Security (HSTS)

Ultimate guide to HTTP Strict Transport Security (HSTS)

16
Comments
10 min read
Using Environment Protection Rules to Secure Secrets When Building External Forks with pull_request_target 🤐

Using Environment Protection Rules to Secure Secrets When Building External Forks with pull_request_target 🤐

12
Comments 2
4 min read
Managing Secrets During Docker Build

Managing Secrets During Docker Build

11
Comments
9 min read
Encrypt your notes with GnuPG

Encrypt your notes with GnuPG

5
Comments
2 min read
Tryhackme Blue

Tryhackme Blue

3
Comments
1 min read
Authentication & Authorization in Microservices Architecture - Part I

Authentication & Authorization in Microservices Architecture - Part I

359
Comments 27
6 min read
Exposing sequential IDs is bad! Here is how to avoid it.

Exposing sequential IDs is bad! Here is how to avoid it.

7
Comments 6
4 min read
Stripe for online payments

Stripe for online payments

11
Comments
2 min read
Securely Access QLDB from a Private Subnet

Securely Access QLDB from a Private Subnet

9
Comments 3
3 min read
SSH - Configurations

SSH - Configurations

4
Comments 2
3 min read
Easily Create Allow (or Deny) Lists for Azure Resources

Easily Create Allow (or Deny) Lists for Azure Resources

Comments
3 min read
Account Factory - provision AWS Accounts

Account Factory - provision AWS Accounts

11
Comments
3 min read
Why PASETO is better than JWT for token-based authentication?

Why PASETO is better than JWT for token-based authentication?

167
Comments 8
11 min read
Why you should host public npm packages in a private registry

Why you should host public npm packages in a private registry

14
Comments
4 min read
Announcing the tru.ID CLI

Announcing the tru.ID CLI

7
Comments
7 min read
How react-native-config make my life easier to steal secret keys of your React Native Application

How react-native-config make my life easier to steal secret keys of your React Native Application

5
Comments
1 min read
Less obvious parts of security asymmetries, by Eugene Pilyankevich

Less obvious parts of security asymmetries, by Eugene Pilyankevich

6
Comments
2 min read
Explaining Authentication Security Issues through Memes!

Explaining Authentication Security Issues through Memes!

3
Comments
2 min read
Firewall for Applications in Kubernetes

Firewall for Applications in Kubernetes

3
Comments
3 min read
Secure Azure deployments with Bicep and Azure Key Vault

Secure Azure deployments with Bicep and Azure Key Vault

20
Comments
6 min read
Security in Software Development - Part 1

Security in Software Development - Part 1

2
Comments
2 min read
Content Security Policy Header: A Complete Guide

Content Security Policy Header: A Complete Guide

10
Comments
15 min read
JS-X-Ray 3.0

JS-X-Ray 3.0

8
Comments 1
2 min read
Password management on the command line

Password management on the command line

15
Comments 2
5 min read
Why you should use passive vulnerability scan on your website

Why you should use passive vulnerability scan on your website

2
Comments 2
2 min read
Store your Kubernetes Secrets in Git thanks to Kubeseal. Hello SealedSecret!

Store your Kubernetes Secrets in Git thanks to Kubeseal. Hello SealedSecret!

59
Comments 2
6 min read
Writeup: HackTheBox Bashed- Without Metasploit (OSCP Prep)

Writeup: HackTheBox Bashed- Without Metasploit (OSCP Prep)

2
Comments
8 min read
Investigations in Windows on TryHackMe (1)

Investigations in Windows on TryHackMe (1)

8
Comments
4 min read
9 Best Practices & UX improvements for the two-factor authentication (2FA)

9 Best Practices & UX improvements for the two-factor authentication (2FA)

13
Comments
7 min read
SameSite Cookies and Why You Need Them

SameSite Cookies and Why You Need Them

8
Comments
7 min read
Putting Security in DevOps

Putting Security in DevOps

1
Comments
1 min read
Stop using your AWS Account root user

Stop using your AWS Account root user

17
Comments 2
3 min read
Why security, encryption, and privacy are not the same thing, by Anastasiia Voitova 03:26

Why security, encryption, and privacy are not the same thing, by Anastasiia Voitova

7
Comments
1 min read
Using Cloudflare to serve your private Azure Storage Blobs

Using Cloudflare to serve your private Azure Storage Blobs

3
Comments
3 min read
Web Application Security Checklist (2021)

Web Application Security Checklist (2021)

232
Comments 2
44 min read
When should my startup prioritize infosec?

When should my startup prioritize infosec?

2
Comments
3 min read
Scan AWS IAM Keys In A Commit

Scan AWS IAM Keys In A Commit

8
Comments
2 min read
fail2ban: block ssh bruteforce attacks 🇬🇧

fail2ban: block ssh bruteforce attacks 🇬🇧

8
Comments
4 min read
Observability of software design - What it is and why it matters

Observability of software design - What it is and why it matters

24
Comments
5 min read
Bandit CTF — 6 to 10 Challenges Writeup

Bandit CTF — 6 to 10 Challenges Writeup

2
Comments
2 min read
IdentityServer4,ASP.NET Identity for Authentication & Authorization with ReactJS client

IdentityServer4,ASP.NET Identity for Authentication & Authorization with ReactJS client

16
Comments 4
3 min read
The Pitfalls of Employee Tracking In The Age Of Remote Working

The Pitfalls of Employee Tracking In The Age Of Remote Working

19
Comments 6
9 min read
Beginners Guide to Networking & Security

Beginners Guide to Networking & Security

1
Comments
16 min read
CSRF Attacks & Prevention: How To Secure Your Web Application (2021)

CSRF Attacks & Prevention: How To Secure Your Web Application (2021)

18
Comments 1
5 min read
Dando permissĂľes a usuĂĄrios com Kubernetes

Dando permissĂľes a usuĂĄrios com Kubernetes

7
Comments
9 min read
Hashing Password combining with Salt in C# and VB.NET

Hashing Password combining with Salt in C# and VB.NET

11
Comments 4
2 min read
Know The Web: SOP (Same Origin Policy)

Know The Web: SOP (Same Origin Policy)

4
Comments
4 min read
An understanding of Spring Security

An understanding of Spring Security

2
Comments
1 min read
CSS Lint for Target _blank, noopener and noreferrer

CSS Lint for Target _blank, noopener and noreferrer

5
Comments
2 min read
Implement RBAC on Azure Key Vault

Implement RBAC on Azure Key Vault

10
Comments
2 min read
Hashing and why it is useful

Hashing and why it is useful

16
Comments
3 min read
Digital resilience: redundancy for websites and communications

Digital resilience: redundancy for websites and communications

2
Comments
5 min read
XSS (Cross-Site Scripting) Attacks & Prevention

XSS (Cross-Site Scripting) Attacks & Prevention

23
Comments
10 min read
loading...