Everand Logo

Welcome to Everand!

  • Linux Format

    WEB APP SECURITY

    Jun 29, 2021 8 minutes
    Illustration:
    Kym Winters

    Another day, another high-profile company gets hacked, and more customer data falls into the wrong hands. The companydu-jour will say how its security was up to all the latest standards, and how this was clearly a state-level attack. Yet upon detailed post-mortem it’ll usually be revealed that some web-crawler got lucky and started pulling data from an unprotected endpoint.

    It’s a common meme among programmers that businesses never have time to invest in security before an attack. Once an attack has taken place, the managers are all at your desk asking how you let this happen. Forgetting entirely that you’ve been calling for more time to focus on refactoring and security for several months, now only to be ignored.

    As sad as this reality is, it’s not really the managers’ fault. The pay-off of a new feature is tangible: it has a fixed start and end; it links to a business objective; it is, for lack of a better word, quantifiable. Security and refactoring, however, is quite the opposite... or is it? If you can convey the risks and benefits without sounding like a broken record then you can change your culture for the better.

    This series will empower you with the tools to do just that and make security part of your culture. Kicking things off we’ll discuss some fundamentals and motivation, which will be followed with detailed implementation tutorials in future issues.

    Security breaches

    You’re reading a preview, subscribe to read more.

    More from Linux Format

    Linux Format1 min read
    Vector Vexations
    Why does MySQL not support vectors in its community edition? Generative AI is the hot topic in tech. GenAI relies on vector data. Yet Oracle has no plans to support vectors in the community edition of MySQL. If you want to try out vector data with ot
    Linux Format5 min read
    Tips For Managing Docker Containers
    Everyone knows how containers revolutionised application building and deployment. Using a E disposable stack of containers that make up an app that aren’t using the docker-compose command to manage the stack are missing a trick. It allows the shippin
    Linux Format1 min read
    Wine For Wayland
    2023 was a great year for the Wayland driver for Wine. The goal was to move forward from the experimental phase and make the driver a proper upstream component. A year later, after several merge requests, many people are now already able to use the l

    Related