5 Things you need to know to optimize your company’s approach to data

Originally published at Authority Magzine on Medium …Most important tip in my opinion is the cliché “put yourself in the attacker’s shoes”. Think how you would break your own system. Is the data transfer encrypted all the way? Can you intercept it on your own? Are their exposed compon...

 ·  17 minute read

How hackers steal your keys and secrets

After hunting for security bugs I’ve realized clients I’m working with are not familiar enough (or at all) with basic “hacking” techniques. API keys, passwords, SSH encrypted keys, and certificates are all great mechanisms of protection, as long they are kept secret. Once they’re out in the wild,...

 ·  9 minute read  ·   

Protect your application from CSRF attacks

“CSRF is an attack that forces an end user to execute unwanted actions on a web application in which they are currently authenticated. With a little help of social engineering (such as sending a link via email/chat), an attacker may force the users of a web application to execute actions of th...

 ·  8 minute read  ·   

Getting started with Vim (video)

This YouTube video is a recording of a colleague and mine, discussing Vim basics and going through them hands on. It’s raw and untouched, and should be easy for any beginner to tag along and pick up on some starting points.

 ·  less than 1 minute read  ·   

SQL injection for developers

SQL Injection (SQLi) accounted for more than 72% of all attacks when looking at all verticals during (2018-2019) period. - State of the internet 2019, Akamai The quote above says it all. If there’s one attack vector to get familiar with as a web devloper it’s injection and this one in parti...

 ·  11 minute read  ·