Cyber Security from a Development perspective
The easiest way to exploit your platform won’t be by dressing up in a Ninja suit and breaking into your network. It will be by finding a mistake or loophole in your code and taking advantage of it.
How a brand new project can still be insecure
So you've just launched your new project. It must be totally secure, right? Not always - there are often vulnerabilities that may reveal themselves over time. Here's how we go looking for them.
Which technology stacks or frameworks are more or less susceptible to being hacked?
We’re often asked if a particular framework or technology is more or less susceptible to being hacked than another. Or put another way, is one “more secure” than another? While the technology stack kind of matters, it really comes down to the ongoing effort and experience of your team in understanding security risks.
Fixing security flaws with a smarter UX
Some security problems come about when the security of the information shown isn't considered during the design process. Here's an easy fix, with 4 different approaches to address the issue.
Platform Security - maybe you're the security flaw?
Many organisations spend a lot of time evaluating and worrying about cyber risks from hackers or information leaks. But what if the actual security flaw came about as a result of a decision you, the Product Owner, had made? Some tips to identify and avoid this.
The Goose Strategy: Getting Out Of Scope
The Goose strategy - move your application out of scope as much as you can. Try to keep the really complex parts of your app behind the scenes, and only expose the simple stuff which can be more easily locked down and quicker to audit.
Automated vulnerability scanning for Ruby on Rails and SaaS projects
Vulnerability scanning software Ruby on Rails analysis
Testing web projects
One of the things we've started doing quite differently over the last few years is how we test our web projects.