San Francisco, CA, USA
Jan 30, 2020   |  By Eric
Running tech at a startup is a hard job. You’re on a shoestring budget, if you even have one. You’re constantly understaffed. Everyone needs that new feature or server set up. They need it yesterday. While you were reading the intro to this blog post, someone from sales promised three new features to a customer that aren’t on your road map yet. In short, you’re swamped. If you’re like a lot of startup CTOs, you’re not spending much time thinking about security.
Jan 28, 2020   |  By Thibaud
Lambdas are a great addition to the tech ecosystem by Amazon. They can help bootstrap projects and fulfill a wide range of specific use cases. Given their usefulness, at some point, you may want to add authentication capabilities. When using AWS Lambdas, you can use the API Gateway to handle authentication and it works just fine. The only pain point is how annoying it is to correctly set everything up and have a good dev experience.
Jan 16, 2020   |  By Don Roche
On the sleepy island of Gozo, security isn’t a concern. Tourists can leave their bags on the beach and go off on an adventure without worrying that their belongings will be stolen. In my home city, however, we say that “if you don’t tie it down, it’s not yours.” Everything can be stolen. Similarly, the internet is the biggest and busiest city in the world! If it can be read, copied, written, or injected with SQL, it’s not yours.
Jan 7, 2020   |  By Eric
What do you know about security debt? As the leader of a software startup, you’re probably familiar with the concept of technical debt. Technical debt is where your team makes a decision to do something quickly now, but recognizes that they’ll have to spend more time engineering later to remedy that decision. Balancing technical debt is a key part of your role as a leader in your startup. You don’t want to spend a long time on features that you never ship.
Dec 19, 2019   |  By Christian Melndez
Golang’s adoption has been increasing over the years. Successful projects like Docker, Kubernetes, and Terraform have bet heavily on this programming language. More recently, Go has been the de facto standard for building command-line tools. And for security matters, Go happens to be doing pretty well in their reports for vulnerabilities, with only one CVE registry since 2002.
Jan 28, 2019   |  By Sqreen
You use AWS. It’s secure out of the box, but introducing security issues through misconfiguration is easy. This checklist will help guide you to potential security issues exposed by your AWS configuration, and will help you to tighten up the security of your AWS infrastructure.
Jan 1, 2019   |  By Sqreen
Improve the security of your Node.js app with the Node.js Security Handbook made for developers.
Dec 1, 2018   |  By Sqreen
Improve the security of your Ruby app with the Ruby Security Handbook made for developers.
Nov 13, 2018   |  By Sqreen
NearForm and Sqreen are delighted to come together to share their insights on DevOps and security integration.
Jul 6, 2018   |  By Sqreen
In this talk we will see how a malicious user can obtain a MongoDB injection and use it to prevent an application from responding.
Mar 19, 2018   |  By Sqreen
We have interviewed Arnaud Breton, the organizer of this meetup group and Head of Product of Sqreen.
Jan 10, 2018   |  By Sqreen
Formerly at Screenhero then Slack, Don was most recently Head of Developer Relations at Sqreen. Don was on the ground the day Slack’s security was breached, and shares some of the insights scaling startups need to handle the inevitable: getting hacked.
Sep 27, 2017   |  By Sqreen
This video was recorded during TechLunch #15 - Scaling Your Infrastructure on Sept 27th, 2017 at Algolia