There are many design principles that can help make applications more secure. Some of these principles are: – Use strong authentication and authorization controls. – encrypt all data in transit. […]

Security Resources Common Weakness Enumeration (CWE) The CWE is a “list of software weaknesses.” It catalogs and defines types of vulnerabilities, so that these can be easily discussed and addressed. […]

Developers are under constant pressure to release features and updates as quickly as possible. However, in their haste to meet deadlines, many developers neglect to follow basic security behaviors that […]

Web application interfaces are especially vulnerable to SQL injection and XSS attacks. SQL injection and Cross-Site Scripting (XSS) attacks are some of the most common attacks on web applications. In […]

I have decided to start writing a handbook on DevOps Security Practices and release it for free right here on my blog. Eventually, it may be released in print, however […]

I’ve taken the leap and will be joining a new team soon. After 7 years it’s time for a fresh start. Who know’s where the road will lead, however I […]

Name Description Operational Excellence The ability to support development and run workloads effectively, gain insight into their operations, and to continuously improve supporting processes and procedures to deliver business value. […]

Layer 7 Layer 7 is a term used to refer to the seventh and highest layer of the seven-layer Open Systems Interconnect  (OSI) reference model for computer networking.  The OSI […]

How would you secure an application? A handy checklist of things to do. There are some simple ways to secure an application on a server. The first thing you should […]

A problem I encountered with a client site recently gave me a headache for a few days. It seems that flywheel do some odd stuff with WordPress behind the scenes. […]