Разработка • dev.to • 16 мая 2024 г. 2:00
Symmetric and asymmetric encryption are the two most common ways to protect sensitive data with cryptography. These methods use key(s) to transform an unencrypted message into an encrypted message (a ciphertext) that is extremely difficult to decrypt...... читать далее
applicationsecurity codesecurity opensourcesecurity pythonРазработка • dev.to • 1 мая 2024 г. 2:00
We are pleased to introduce Semantic Versioning and release channels to Snyk CLI from v.1.1291.0 onwards. In this blog post, we will share why we are introducing these changes, what problems these changes solve for our customers, and how our customer...... читать далее
codesecurity applicationsecurityРазработка • dev.to • 17 апреля 2024 г. 2:00
Generative AI is an exciting technology that is now easily available through cloud APIs provided by companies such as Google and OpenAI. While it’s a powerful tool, the use of generative AI within code opens up additional security considerations that...... читать далее
ai codesecurity engineeringРазработка • dev.to • 9 апреля 2024 г. 2:00
About the vulnerability The vulnerability lies in the way HTTP/2 implementations handle CONTINUATION frames, which are used to transmit header blocks larger than the maximum frame size. Attackers exploit this weakness by sending an excessive number...... читать далее
codesecurity opensourcesecurity go nodeРазработка • dev.to • 29 февраля 2024 г. 2:00
As backend developers, we are tasked with the crucial role of ensuring the security of our applications. Node.js is not exempt from this responsibility and its growing popularity makes it a lucrative target for hackers, making it imperative to follow...... читать далее
applicationsecurity codesecurity javascript nodeРазработка • dev.to • 26 января 2024 г. 2:00
Bug bounty hunting is a process where security researchers or hackers actively search for and identify security vulnerabilities or "bugs" in web applications, IoT devices, mobile applications, or even smart contracts. These vulnerabilities can range...... читать далее
codesecurity opensourcesecurityРазработка • dev.to • 25 октября 2023 г. 2:00
When web applications rely on user-supplied data, there is a potential risk of SQL injection attacks. SQL injection is a technique used to alter a SQL statement by manipulating user input. Specifically, attackers send malicious SQL code to the databa...... читать далее
codesecurityРазработка • dev.to • 30 августа 2023 г. 2:00
With threat actors performing man-in-the-middle (MITM) attacks, having an SSL/TLS certificate is no longer a valid reason to trust an incoming connection. Consequently, developers are increasingly adopting SSL/TLS pinning, also known as certificate o...... читать далее
codesecurity opensourcesecurity javascript nodeРазработка • dev.to • 25 августа 2023 г. 2:00
Developing quality software applications can be arduous, as many moving parts must come together to create a working solution. That’s why developers need all the help and convenience they can get, especially when securing their applications. Visual...... читать далее
codesecurity javascript vscodeРазработка • dev.to • 8 августа 2023 г. 2:00
The Document Object Model (DOM) acts as an interface between HTML and JavaScript, bridging the gap between static content and dynamic interactivity. This function makes the DOM indispensable for modern web developers. However, the DOM has a pitfall...... читать далее
codesecurity javascriptРазработка • dev.to • 29 июля 2023 г. 2:00
WebAssembly, sometimes called Wasm, is a portable, low-level binary code instruction format executed in a web browser’s virtual machine (VM). It enables developers to write high-performance code in various languages and runs alongside JavaScript. D...... читать далее
applicationsecurity codesecurity javascriptРазработка • dev.to • 19 июля 2023 г. 2:00
Deserialization is the process of converting data from a serialized format, such as JSON or binary, back into its original form. Swift provides multiple protocols allowing users to convert objects and values to and from property lists, JSON, and othe...... читать далее
codesecurityРазработка • dev.to • 30 июня 2023 г. 2:00
Webhooks are a callback integration technique for sending and receiving information, such as event notifications, in close to real-time. Webhooks can be triggered by application events and transmit data over HTTP to another application or third-party...... читать далее
codesecurity opensourcesecurity javascript nodeРазработка • dev.to • 30 июня 2023 г. 2:00
Continuous integration (CI) and continuous delivery (CD) has become a ubiquitous practice for DevOps teams. The CI/CD process focuses on building and deploying new applications or releasing updates to already-deployed workloads. As a result, most CI/...... читать далее
codesecurity devsecops cicd
