Welcome to the first part in our AngularJS Security Series. Here, we’ll discuss the various solutions to write more secure applications. Our goal is simple: to help developers better understand Angular and embrace the practice of writing more secure code.
We’re currently seeing a recalibration of the developer’s role in software security. We are about to see a new wave of what I call developer enablement.
In 2014 an exploit was discovered in Firefox for Android that allowed malicious applications access to sensitive user data. The cause? An unfortunately predictable PRNG called Math.random().
Java SecureRandom updates as of April 2016: There have been several changes to Java’s SecureRandom API since this post was created back in 2009. According to Oracle, the following interesting changes have been made:
What’s the difference between OAuth 1.0 and OAuth 2.0? And which version of OAuth is right for you? Hint: It’s not necessarily the latest one.
In Python, you can use pickle to serialize (deserialize) an object structure into (from) a byte stream. Here are best practices for secure Python pickling.