Developing symbiotic relationships, customer satisfaction, and integrity are primary ideals
Train your developers to become security saavy and code with keen awareness
Penetration testing and vulnerability assessment for web applications
Join a one hour webinar discussing the OWASP Top 10 2017. It is currently in the release candidate stage with a final version expected in the summer. There are two new items on the list this year. It’s a shame we see the same issues year after year with SQL injection and cross-site scripting still…
Stay up to date and get informed about new blog posts and promotions.
…
I had the privilege of presenting in Denver at GopherCon 2016 about packet capturing. You can find a detailed blog post with more information and code examples at DevDungeon.com. Additionally, there is a recording of the presentation you can find on YouTube: GopherCon 2016: John Leon – Packet Capture, Analysis, and Injection with Go
Too many developers lack adequate security training and education. Unless developers have been trained on the job or have gone out of their way to seek the training, chances are they have little to no security training. I interviewed a graduate once for a development position who had written a production web application for their…
Password policies and judging password strength have been constant challenges. Computing power and cracking rigs are getting stronger while people’s password habits are staying the same or getting worse. We see the same common passwords and patterns. Password Habits Part of the problem with passwords is that people have formed common password habits. For example, many…