July 21, 2015

How to Quickly Audit Your Cryptography Usage?

Cryptography is an important security security control  for any application.  It is essential in securing data at rest and in transit. But how do you know […]
July 8, 2015
secure javascript express application

Setting up a Secure Instance of Express JS (GitHub Repo)

In a previous blog post I mentioned ways to secure your ExpressJS instance. This included both using third party modules and modifications to the default configuration […]
June 19, 2015
hands_raised_0

The Canadian Government Outage and Raising Profiles of Simples Attacks

The Canadian Govt was hacked! The Globe And Mail reported a few days back: A cyberattack crashed federal government websites and e-mail for nearly two hours […]
May 29, 2015
breaches

Reading through the IRS Hack: Failures and Analysis

IRS has reported that  thieves stole tax information from 100,000 taxpayers, pretty disturbing news on multiple levels. The first level of disturbance is obviously that an […]
May 27, 2015
2015-05-27_20-32-19

Security Comparison: AngularJS vs Backbone.js vs Ember

Introduction Client side JavaScript security is becoming more and more of an issue with the shift to Single Page Applications or SPAs in modern web development. […]
May 7, 2015
shutterstock_14682724

Simplified Security Code Review Process

Obviously it is not 2005 anymore. 10 years ago most organizations were OK with perimeter security and a vulnerability scanner. This shift started to happen in the U.S […]