Since 1999

Cybersecurity Category

Covering all aspects of security, threats, and best practices.


UUID as a secure API token for API RESTful endpoints? (Video)

Video excerpt about the role of UUIDs as security identifiers for REST APIs and how to use them more securely if you must.



An Honest Conversation About Cyber Security (Video)

I recently sat down with Jeremy Duvall of 7Factor Software to discuss Cyber Security and application developers. Enjoy this video!



Prioritizing cybersecurity (Pluralsight)

The structure and siloing of a large enterprise organization can thwart security efforts. Here is a tip on how to overcome this.



You Can be the Victim of a Cybersecurity Attack: Do Your Part. #BeCyberSmart.

Be cyber smart by recognizing that you can be the victim of a cyber security incident and that you have to keep your Internet-connected custom software securely configured and patched up to date at all times. Do Your Part. #BeCyberSmart.



Paying Ransomware is Harmful: Invest in proactive defense instead.

Paying the pirates has never been a good idea. The long history shows that paying the ransom only increases the financial incentives for more ransoms. Here is how you can use Threat Actor / Capability modeling and practically free countermeasures to protect yourself.



Top 5 Cyber Security Self-Defense Tips for Businesses with Custom Applications

Since there is no Internet coast guard coming to your aid, here are the top five tips for your company to be better prepared for your own self-defense against cyber attacks.



Cross-site Scripting Injection Attacks Using SVG Images

Cross-Site Scripting attacks can come from a variety of vectors. This article explains an unusual vector in which JavaScript is embedded within a Scalable Vector Graphics (SVG) image.



Lava lamps providing randomness for security!

Using lava lamps as a security tool is an old idea, once covered by a patent. This is why I proudly display a lava lamp in my office within my webcam shot.



Testing: Your Future Self Will Thank You

Testing, while not always glorious, is a vital part of a good code base. Tests and code should go hand in hand.



Practical APPSEC starts with people first, processes second, and technology last

Technology purchases cannot solve application security. Improving security is a matter of people, processes, and technology. Here's how to invest in developer education and processes first.
