DEV Community

Security

Hopefully not just an afterthought!

Posts

👋 Sign in for the ability to sort posts by relevant, latest, or top.
Performance and security testing. Why bother?

Performance and security testing. Why bother?

2
Comments
12 min read
CloudStick - Server Management Tool

CloudStick - Server Management Tool

5
Comments
3 min read
[VIDEO] Building A Gamified CTF Platform | Devlog #1

[VIDEO] Building A Gamified CTF Platform | Devlog #1

2
Comments
1 min read
GitHub Actions HTTP security with Mozilla Observatory

GitHub Actions HTTP security with Mozilla Observatory

8
Comments
1 min read
The Hidden Cost of 500 Internal Server Error

The Hidden Cost of 500 Internal Server Error

7
Comments
4 min read
TypingDNA is launching a new typing biometrics 2FA solution to replace SMS OTP

TypingDNA is launching a new typing biometrics 2FA solution to replace SMS OTP

20
Comments 2
1 min read
PentesterLab: File Include

PentesterLab: File Include

8
Comments
2 min read
Multi-Tenant Analytics with Auth0 and Cube.js 🔐 — the Complete Guide

Multi-Tenant Analytics with Auth0 and Cube.js 🔐 — the Complete Guide

153
Comments
19 min read
Authentication with Kong's JWT Plugin

Authentication with Kong's JWT Plugin

11
Comments
10 min read
Securing An Express Application

Securing An Express Application

52
Comments
7 min read
Nmap Basics

Nmap Basics

2
Comments
1 min read
Google Cloud: IAM Conditions

Google Cloud: IAM Conditions

7
Comments
3 min read
Which encryption control to choose for your app protection, by Anastasiia Voitova 02:28

Which encryption control to choose for your app protection, by Anastasiia Voitova

4
Comments
1 min read
How CTFs Landed Me A Job As An Offensive Security Engineer

How CTFs Landed Me A Job As An Offensive Security Engineer

5
Comments
4 min read
Is GitHub Safe to Use?

Is GitHub Safe to Use?

9
Comments
1 min read
Enforce MFA on the Azure Portal using Conditional Access

Enforce MFA on the Azure Portal using Conditional Access

9
Comments
3 min read
OWASP Top 10 for Developers: Insufficient Logging and Monitoring

OWASP Top 10 for Developers: Insufficient Logging and Monitoring

2
Comments
6 min read
Cultivating a Security Focused Development Team

Cultivating a Security Focused Development Team

4
Comments
7 min read
Configuring Azure VM’s security groups to allow web-access via your web browser.

Configuring Azure VM’s security groups to allow web-access via your web browser.

4
Comments
3 min read
Use GoAccess To Analyze HAProxy Logs

Use GoAccess To Analyze HAProxy Logs

12
Comments
4 min read
The Complete Guide to Angular Security

The Complete Guide to Angular Security

10
Comments
1 min read
How to make the Firebase Realtime Database Rules Secure for a Blog

How to make the Firebase Realtime Database Rules Secure for a Blog

7
Comments 2
3 min read
How I exploited NPM downloads... and why you shouldn't trust them

How I exploited NPM downloads... and why you shouldn't trust them

115
Comments 12
5 min read
CORS (Cross-Origin Resource Sharing): A Complete Guide

CORS (Cross-Origin Resource Sharing): A Complete Guide

83
Comments
10 min read
Cookie Security: 10 Tips To Protect Your Web Application

Cookie Security: 10 Tips To Protect Your Web Application

12
Comments
12 min read
A privacy guide for the data tracking era

A privacy guide for the data tracking era

8
Comments 1
5 min read
Simplified: Authentication & Authorization

Simplified: Authentication & Authorization

5
Comments
1 min read
Hardening and Simplifying Python's urlopen

Hardening and Simplifying Python's urlopen

5
Comments
4 min read
How to use UUIDs in URLs in Laravel

How to use UUIDs in URLs in Laravel

11
Comments 3
2 min read
How To Generate Strong Passwords Using Python

How To Generate Strong Passwords Using Python

30
Comments 5
2 min read
Subdomain Takeover: Ignore This Vulnerability at Your Peril

Subdomain Takeover: Ignore This Vulnerability at Your Peril

9
Comments
11 min read
Using environment files in Django

Using environment files in Django

5
Comments 2
5 min read
Email Encryption: What it is, How Does It Work, and How to Encrypt an Email

Email Encryption: What it is, How Does It Work, and How to Encrypt an Email

5
Comments 2
6 min read
Microservices End to End In-transit Encryption on EKS with Istio & ACM

Microservices End to End In-transit Encryption on EKS with Istio & ACM

11
Comments 1
6 min read
rego.fyi: A Study in Serverless Authorization with Open Policy Agent

rego.fyi: A Study in Serverless Authorization with Open Policy Agent

16
Comments 3
11 min read
The ultimate guide to Yubikey on WSL2 [Part 4]

The ultimate guide to Yubikey on WSL2 [Part 4]

8
Comments 4
2 min read
Generate AWS Temporary Credential And Add It As A Profile

Generate AWS Temporary Credential And Add It As A Profile

5
Comments
2 min read
File Encrypter and Decrypter

File Encrypter and Decrypter

7
Comments
3 min read
DevOps Engineer Resume: Here's mine as an example

DevOps Engineer Resume: Here's mine as an example

23
Comments
5 min read
Why you shouldn't expose your incrementing IDs

Why you shouldn't expose your incrementing IDs

9
Comments
3 min read
Building a secure network in AWS (PART 1)

Building a secure network in AWS (PART 1)

6
Comments
5 min read
Tips for working with private files in laravel

Tips for working with private files in laravel

35
Comments 6
3 min read
Same Origin Policy: Demystified

Same Origin Policy: Demystified

29
Comments 1
12 min read
Force Enable AWS MFA And Using Temp Credential

Force Enable AWS MFA And Using Temp Credential

9
Comments 2
4 min read
HSTS Header (Strict Transport Security) Explained

HSTS Header (Strict Transport Security) Explained

8
Comments 5
6 min read
Basic security best-practices for your web app & server

Basic security best-practices for your web app & server

3
Comments
3 min read
Ultimate guide to HTTP Strict Transport Security (HSTS)

Ultimate guide to HTTP Strict Transport Security (HSTS)

17
Comments
10 min read
Using Environment Protection Rules to Secure Secrets When Building External Forks with pull_request_target 🤐

Using Environment Protection Rules to Secure Secrets When Building External Forks with pull_request_target 🤐

12
Comments 2
4 min read
Managing Secrets During Docker Build

Managing Secrets During Docker Build

11
Comments
9 min read
Encrypt your notes with GnuPG

Encrypt your notes with GnuPG

5
Comments
2 min read
Tryhackme Blue

Tryhackme Blue

3
Comments
1 min read
Authentication & Authorization in Microservices Architecture - Part I

Authentication & Authorization in Microservices Architecture - Part I

365
Comments 27
6 min read
Exposing sequential IDs is bad! Here is how to avoid it.

Exposing sequential IDs is bad! Here is how to avoid it.

7
Comments 6
4 min read
Stripe for online payments

Stripe for online payments

11
Comments
2 min read
Securely Access QLDB from a Private Subnet

Securely Access QLDB from a Private Subnet

9
Comments 3
3 min read
SSH - Configurations

SSH - Configurations

4
Comments 2
3 min read
Easily Create Allow (or Deny) Lists for Azure Resources

Easily Create Allow (or Deny) Lists for Azure Resources

Comments
3 min read
Account Factory - provision AWS Accounts

Account Factory - provision AWS Accounts

11
Comments
3 min read
Why PASETO is better than JWT for token-based authentication?

Why PASETO is better than JWT for token-based authentication?

167
Comments 8
11 min read
Why you should host public npm packages in a private registry

Why you should host public npm packages in a private registry

14
Comments
4 min read
loading...