October 1, 2015

The Rise of JavaScript XSS and Practical Mitigation Techniques

Cross-site Scripting (XSS) is listed as #3 in the OWASP Top 10. If you tried to decipher Cross-site Scripting and understand its mitigation, […]
July 21, 2015

How to Quickly Audit Your Cryptography Usage?

Cryptography is an important security control for any application. It is essential in securing data at rest and in transit. But how do you know […]
July 8, 2015

Setting up a Secure Instance of Express JS (GitHub Repo)

In a previous blog post I mentioned ways to secure your ExpressJS instance. This included both using third-party modules and modifications to the default configuration […]
June 19, 2015

The Canadian Government Outage and Raising Profiles of Simples Attacks

The Canadian Govt was hacked! The Globe And Mail reported a few days back: A cyberattack crashed federal government websites and e-mail for nearly two hours […]
May 29, 2015

Reading through the IRS Hack: Failures and Analysis

The IRS has reported that thieves stole tax information from 100,000 taxpayers, pretty disturbing news on multiple levels. The first level of disturbance is obviously that an […]
May 27, 2015

Security Comparison: AngularJS vs Backbone.js vs Ember

Introduction: Client-side JavaScript security is becoming more and more of an issue with the shift to Single Page Applications or SPAs in modern web development. […]