Sqreen

sqreen

7 best practices for microservices security

Microservices have refashioned the way modern apps are developed. Previously, monolithic architecture was used for app development. A monolithic app is made from a single unit with three parts: a database, a client-side UI that runs on the user’s system or browser, and a server-side app. But in microservices, an app consists of multiple units. Each of these units runs alone and connects via APIs.

sqreen

A look at OWASP's top automated threats to web apps

With the advancement of web technologies, there are many new ways to create dynamic websites. But we are also facing a growing rate of cyber threats. We can see that even the most reputed companies are falling prey to cyberattacks. For instance, bots are now spreading across the internet like wildfire. In fact, they constitute a major portion of web traffic. Now, some bots help businesses improve their presence. On the other hand, there are some bad bots that are a threat to a company.

sqreen

How to implement a bug bounty program

Cybersecurity has become an increasingly trending topic for anyone in the technology space. With millions of attacks happening every day, people have started focusing on security more than ever before. The development, QA, and internal security teams do their best to secure their products. But it’s hard to catch everything internally, and there’s no harm in getting another opinion.

sqreen

Introducing the SSRF reference guide: everything you ever wanted to know about SSRF defense

Although the security community has been aware of server-side request forgeries (SSRF) for a while, it’s only since the Capital One breach that they hit mainstream awareness. However, most of the public documentation following the breach focused on the attacking side of the equation (i.e. how to trigger and exploit an SSRF vulnerability) rather than on how to defend against SSRF exploits.

sqreen

Behind the scenes: building a dynamic instrumentation agent for Go

We’ve been working hard at Sqreen to make our protection transparent and frictionless. We recently released Sqreen for Go, which detects and blocks security issues inside Go applications without requiring any code modification. To make this possible, we leverage dynamic instrumentation to insert additional security logic into the program’s behavior at run time.

sqreen

Panel discussion: security for B2B scale-ups

At B2B Rocks 2019, I took part in a panel discussion titled “How to Shape the Most Reliable and Secure Tech.” We had an interesting talk about how B2B companies can improve security, particularly around doing so as they scale up. I’ve been thinking about our conversation recently, as the day-to-day has shifted for people all over the world, so I wanted to take a moment to share some of the insights from the talk.

sqreen

What is "security as code" and how can it help you?

A couple of years ago, there were two major teams that worked on getting software built: the development team and the operations team. The development team created the software, and the operations team provided everything that was required to build the software. Because there were two separate teams involved, software development took more time. DevOps was introduced to make the software development life cycle shorter.

sqreen

How to run security testing sessions

There was a time when applications were built just to complete the task they were required for. But these days, developers often need to focus just as much on how secure the application is. If you’ve written code, it’s likely that you’ve been asked to check for the most common security loopholes and fix them. Almost every large organization has a dedicated QA and security department. Even so, it’s important that you, as a developer, understand the importance of security.

sqreen

Finding vulnerabilities more efficiently with Sqreen's Interactive Application Security Testing (IAST)

Today is an exciting day for Sqreen. We’re adding a brand new slice to our Application Security Management platform: a security testing solution that helps security and engineering teams better secure their code. Since the beginning, Sqreen’s mission has been to make robust application security available to everyone, with the flexibility, transparency, and depth needed in modern environments. This has been our guiding light behind everything we’ve built.