Security

Thought leadership as well as effective ways to solve cloud security issues.

A login screen with a blank username and hidden password with the text "Authentication Isn't Everything"

Authentication Isn’t Everything

Alex Leung explains why fortifying one's login API and loosening other parts of one's security posture can lead to cybersecurity issues.

Illustration of a padlock in front of an illuminated data network with the following text: "Pad Credit Card Information to Protect Your Customers’ Wallets"

Pad Credit Card Information to Protect Your Customers’ Wallets

We take a look at a recently-assessed API, to see how it avoided the problem that helped the Allies beat the Axis powers in World War II.

An ominous-looking room that mostly lies in the dark, with only the floor being visible. The text reads, "In the Dark about Shadow APIs?"

In the Dark about Shadow APIs?

Shadow APIs aren’t typically a risk you would think about when developing APIs. See real-world examples to understand the threats they pose.

Illustration of an angled browser window that shows a mouse cursor close to the security lock symbol of a website address. The text reads, "Loose Lips Can Sink Websites Too", with the words "sink" and "websites" being highlighted in bold.

Loose Lips Can Sink Websites Too

This blog dives into how exposed version numbers in your tech stack can lead to serious vulnerabilities, and what you can do to tighten security.

Illustration with the text "Pay Attention to Your Non-Production Subdomains"

Pay Attention to Your Non-Production Subdomains

Security teams often focus on an organization's main production domain. Learn why paying attention to your non-production subdomains matters.

An illustration that shows a stop watch and a shield with a check mark with the text "Cutting Latency, Not Security"

Cutting Latency, Not Security

by Philip McGuinness

Content Security Policy (CSP) is a security feature implemented in browsers to protect websites and web applications from attacks.

The Cloud-Powered Enterprise: Securing Your Cloud, featuring Joseph Glover, DIrector, Field Compute Technology, Akamai, featured image.

The Cloud Powered Enterprise: Securing the Cloud

September 20, 2024

Explore the latest strategies and technologies for cloud security, including identity and access management, data encryption, threat detection, and data security posture management with experts from leading cloud security companies.

Illustration of a security question and answer entry capture screen, with text Pointless May Not Be Harmless.

Pointless May Not Be Harmless: The Story of a Login Page with a Blank Security Question

Discover how attackers exploit security vulnerabilities in login pages and learn how to protect your web applications with best practices.

A leaking pipe with the text "Security in your DevOps Pipeline: Is your GraphQL API leaky?"

Security in Your DevOps Pipeline

Not disabling introspection before going live can pose a major security risk. We offer steps to improve security in your DevOps pipeline.

Introduction to Server Security.

Talia Nassi

Introduction to Server Security

Server security is vital to an effective cloud environment. Learn about it here.

Web Application Firewall Overview Header

Maddie Presland

Level Up Application Security with a Web Application Firewall

by Maddie Presland

What to consider when evaluating a WAF and its implementation, and how to get started with a WAF that meets your application's needs.

Suneet Shah

InfoSec Innovation and Collaboration

OpenIAM's partnership with Linode began after a mishap with another provider. In half an hour, its infrastructure was up and running on Linode.