LATEST —
The myths and realities of open source software security
The debate around open source security has intensified over recent years. Many consider open source software (OSS) safer due to its transparency, while others point to recent security breaches as evidence of its vulnerabilities. But is OSS genuinely safer than proprietary code? The answer is nuanced...
Choosing a programming language for your next project
In a greenfield project, where there are no pre-existing code constraints, the selection of a programming language is a foundational decision with broad implications. The criteria to consider when choosing a language for a new project involves balancing theory with practicality and provides a stable...
Nov 05 2024
Techniques for protecting web APIs from common threats in 2024
APIs are one of the most common threat vectors, according to a 2024 Gartner report. APIs provide a pathway for data exchange and facilitate access to critical resources. They are the lifeline of modern web applications, bridging the gap between various services, platforms, and devices. This makes AP...
Nov 01 2024
From black box to open book: Understand your browser's behavior using net logs
Software engineers understand the importance of transparency in a system. When it comes to network communication, the most critical insights are often hidden in mundane technical details. We need visibility into software behavior to effectively troubleshoot, evaluate, and secure our systems. Network...
Oct 31 2024
5 practical tips for secure web development
Even the best developers fall prey to the common pitfalls that leave their code vulnerable to attacks. We all want to write performant, reliable, and secure code, but security can feel like an afterthought when we're up against competing priorities and tight deadlines. By following a few guidelines...
Oct 31 2024
Infrared cameras: What you need to know
Infrared cameras are becoming the norm for logging into laptops and mobile devices. They provide added convenience for authenticating and presence detection using facial recognition, but they also present new avenues for exploitation. This post discusses three things that users should consider when...
Oct 29 2024
Delaying the latest software update? Think twice
Some organizations avoid updating their third party applications for fear of introducing new defects or changes that require development, testing, deployment, and end user training. After all, the current version has been tested and works great, right? As someone who is averse to change, I'm here to...
Oct 29 2024
The rise of low code and citizen developers: Will developers become redundant?
Low code and no code platforms can make app creation feel like designing a slide deck rather than coding a software project, giving rise to a new crop of creators - citizen developers. For many, this change brings excitement. For others, it may raise some existential questions. Are seasoned develope...
Oct 25 2024
Data privacy: How developers can prepare for the future
As technology advances, so do the ways in which our personal data is collected, stored, and shared. The evolution of data collection has prompted law makers to be more privacy-conscious and invested in when, how, and why attributes about us are collected. As software engineers, we are at the forefro...
Oct 24 2024
Are larger, monolithic functions actually better?
Deciding whether to decompose code into smaller functions significantly impacts the maintainability, readability, and sometimes the performance of our software projects. A blanket, one-size-fits-all, approach is rarely appropriate for engineering decisions and this topic is no exception. Are monolit...
Oct 23 2024
Secure software development using zero trust
Zero trust is often discussed in terms of networks, devices, and infrastructure because these are usually the first line of defense against external threats. However, as modern software development moves toward microservices, APIs, infrastructure-as-code and cloud architectures, the boundaries betwe...
Oct 23 2024
Send cyber junk to your Pi-hole: Protect your home network
In today's world of digital advertisements, telemetry, and data collection, Pi-hole provides a layer of protection to your home network. It's simple to set up, consumes little resources, and requires no maintenance. What is Pi-hole? Pi-hole is an open source software application that runs on a compu...