Avatao Blog

Cybersecurity best practices, tips, and the latest news discussed by security professionals.
Read on to find the topic that interests you the most!

Featured article

Deserialization vulnerabilities in Java

Reading Time: 9 minutes
Understanding serialization and deserialization vulnerabilities is the first step toward building secure applications. For most developers, it’s a challenge to find the right balance between coding securely and meeting other objectives like tight deadlines. This often results in products that are vulnerable to deserialization attacks which would be otherwise difficult to stage.

Latest posts

Deserialization vulnerabilities in Java

Reading Time: 9 minutes
Understanding serialization and deserialization vulnerabilities is the first step toward building secure applications. For most developers, it’s a challenge to find the right balance between coding securely and meeting other objectives like tight deadlines. This often results in products that are vulnerable to deserialization attacks which would be otherwise difficult to stage.

JWT handling best practices

Reading Time: 8 minutes
The purpose of this post is to present JWT, one of the most popular open standards for managing authorization. It goes into depth about what JWT is, how it works, why it is secure, and what the most common security pitfalls are.

Ruby needs security

Reading Time: 10 minutes
Every year, Ruby is becoming more and more popular thanks to its elegance, simplicity, and readability. Security, however, is an issue we can’t afford to neglect.

Interview with Gábor Molnár, Google

Reading Time: 6 minutes
Being up-to-date with the latest information security trends is not easy. Deploying them on a regular basis is even harder. We asked an expert for best practices!

Zero trust security

Reading Time: 9 minutes
Zero Trust is a security framework requiring all users, whether inside or outside your organization, to be authenticated, authorized, and continuously validated. This allows for security configuration to happen before granting or keeping access to applications or data.
