The Rietta Blog

The Ripples From SolarWinds

The effects of the Solar Winds breach are felt throughout the tech community. More important than the breach though is the aftermath and the response to the incident. How does that affect others?

Dockerizing Development Saves Serious Money for Small Agency

Systematic investment in Docker is paying off big time. From a agency owner's perspective this is why the up front investment was worth it.

Paying Ransomware is Harmful: Invest in proactive defense instead.

Paying the pirates has never been a good idea. The long history shows that paying the ransom only increases the financial incentives for more ransoms. Here is how you can use Threat Actor / Capability modeling and practically free counter measures to protect yourself.

Top 5 Cyber Security Self-Defense Tips for Businesses with Custom Applications

Since there is no Internet coast guard coming to your aid, here are the top five tips for your company to be better prepared for your own self-defense against cyber attack.

Why Rietta Appreciates Diversity

Kelly Bard

Rietta values diversity because diversity improves team performance.

Cross-site Scripting Injection Attacks Using SVG Images

Christopher Davis

Cross-Site Scripting attacks can come from a variety of vectors, this article is an explaination of an unusual vector where javascript is embedded within a scalable vector graphics image.

Lava lamps providing randomness for security!

Lava Lamps as a security tool is an old idea, once covered by a patent. This is why I proudly display a Lava Lamp in my office within my web cam shot.

Testing: Your Future Self Will Thank You

Testing, while not always glorious, is a vital part of a good code base. Tests and code should go hand in hand.

Streamlining Workflows With Docker

Working on numerous projects can require significant time to set up locally. With Docker, we have streamlined this process to mere minutes.

Practical APPSEC starts with people first, processes second, and technology last

Technology purchases cannot solve application security. Improving security is a matter of people, processes, and technology. Here's how to invest developer education and processes first.