Secure coding best practices

Latest posts

Deserialization vulnerabilities in Java

Deserialization vulnerabilities in Java

Reading Time: 9 minutes Understanding serialization and deserialization vulnerabilities is the first step toward building secure applications. For most developers, it’s a challenge to find the right balance between coding securely and meeting other objectives like tight deadlines. This often results in products that are vulnerable to deserialization attacks which would be otherwise difficult to stage.

JWT handling best practices

JWT handling best practices

Reading Time: 8 minutes The purpose of this post is to present one of the most popular authorization manager open standards JWT. It goes into depth about what JWT is, how it works, why it is secure, and what the most common security pitfalls are.

Ruby needs security

Ruby needs security

Reading Time: 10 minutes Every year, Ruby is becoming more and more popular thanks to its elegance, simplicity, and readability. Security, however, is an issue we can’t afford to neglect.

Python best practices and common issues

Python best practices and common issues

Reading Time: 10 minutes Python is a high-level, flexible programming language that offers some great features. To be as effective as possible, it is important to possess the knowledge to make the most out of coding with Python.

5 Steps your security program should include

5 Steps your security program should include

Reading Time: 7 minutes For most companies, security is considered a side quest, which is partly related to the daily processes. In reality, security ought to be a strong foundation of any organization. To ensure the defense of the enterprise, the relevant teams need strong security knowledge and abilities.

5 Key Challenges Of Building a Security Training Program – Avatao

5 Key Challenges Of Building a Security Training Program – Avatao

Reading Time: 8 minutes To build an enterprise security program, one has to go back to the well-known fundamentals of organizational change: People, Process, and Technology (originates from Harold Leavitt’s “Applied Organization Change in Industry”, 1964).

Getting started with Kotlin

Getting started with Kotlin

Reading Time: 9 minutes If you are working on Java projects you might have heard about other languages that run on the JVM, like Clojure, Kotlin, or Scala. Programmers like to try new things out but is it worth it to pick one of them over Java?

Docker: Life Before and After

Docker: Life Before and After

Reading Time: 12 minutes Containers have been around for over a decade. Yet before Docker’s explosive success beginning in 2013 they were not wide-spread or well-known. Long gone are the days of chroot, containers are all the rage, and with them, we have a whole new set of development and security challenges.

How to avoid issues with DNS security and privacy

How to avoid issues with DNS security and privacy

Reading Time: 8 minutes Even if you use HTTPS, your browsing habits can still be tracked by observing your DNS queries. Besides the lack of confidentiality, plain old DNS doesn’t provide data integrity and authenticity either. This article discusses DNS security and privacy and points out the problems that can arise from lacking in these attributes and gives some tips on how to remedy them.

Security and usability: How to find a good balance

Security and usability: How to find a good balance

Reading Time: 10 minutes How would you like the idea of being escorted by armed security staff from the grocery store to your home in order to protect the valuable air fresheners you have just bought? Would you be confused, would you visit the store again?

Test your secure coding skills