• Skip to main content
  • Skip to primary sidebar
  • Skip to footer

DevelopSec

  • Home
  • Podcast
  • Blog
  • Resources
  • About
  • Schedule a Call

secure development

January 31, 2023 by James Jardine Leave a Comment

Ep. 120: Addressing Root Cause – Vulnerable Components

In this episode we talk about addressing the root cause of an issue versus the symptoms. How can the process of keeping application components updated be improved? For more info go to https://www.developsec.com or follow us on twitter (@developsec). DevelopSec provides application security consulting and training to add value to your application security program. Contact us today to see how we can help. Transcript: In this episode, James talks about root cause analysis versus treating … [Read more...] about Ep. 120: Addressing Root Cause – Vulnerable Components

Filed Under: Podcast Tagged With: application security, application security program, developsec, secure development, security, vulnerable components

January 19, 2023 by James Jardine Leave a Comment

Ep. 119: Risks of SpellCheck

In this episode we talk about the spell check feature of the browser and how it could present a risk to sensitive data. Listen to the Episode: Link to article referenced: https://www.darkreading.com/application-security/spellchecking-google-chrome-microsoft-edge-browsers-leaks-passwords For more info go to https://www.developsec.com or follow us on twitter (@developsec). … [Read more...] about Ep. 119: Risks of SpellCheck

Filed Under: Podcast Tagged With: app sec, developsec, secure coding, secure development, security

December 20, 2021 by James Jardine Leave a Comment

What is the difference between encryption and hashing?

Encryption is a reversible process, whereas hashing is one-way only. Data that has been encrypted can be decrypted back to the original value. Data that has been hashed cannot be transformed back to its original value. Encryption is used to protect sensitive information like Social Security Numbers, credit card numbers or other sensitive information that may need to be accessed at some point. Hashing is used to create data signatures or comparison only features. For example, user passwords … [Read more...] about What is the difference between encryption and hashing?

Filed Under: Questions Tagged With: application security, AppSec, crypto, encryption, hashing, questions, secure development, security awareness, security testing, training

December 19, 2021 by James Jardine Leave a Comment

Ep. 118: Log4J Sparking Thought on Vulnerable Components

Log4J has been the talk of the town recently and everyone is focused on the technical details of the specific vulnerabilities found. In this episode, James talks about the overarching ideas around dealing with vulnerable components. Are you vulnerable? If so, what needs to be done? Listen to the Episode: For more info go to https://www.developsec.com or follow us on twitter (@developsec). … [Read more...] about Ep. 118: Log4J Sparking Thought on Vulnerable Components

Filed Under: Podcast Tagged With: application security, application security program, AppSec, leadership, owasp, podcast, secure development, security training, training, vulnerable component

May 29, 2020 by James Jardine Leave a Comment

Proxying localhost on FireFox

When you think of application security testing, one of the most common tools is a web proxy. Whether it is Burp Suite from Portswigger, ZAP from OWASP, Fiddler, or Charles Proxy, a proxy is heavily used. From time to time, you may find yourself testing a locally running application. Outside of some test labs or local development, this isn't really that common. But if you do find yourself testing a site on localhost, you may run into a roadblock in your browser. If you are using a recent version … [Read more...] about Proxying localhost on FireFox

Filed Under: General Tagged With: application security, AppSec, pen test, pen testing, pentesting, qa, secure development, security testing

February 10, 2020 by James Jardine Leave a Comment

Chrome is making some changes.. are you ready?

Last year, Chrome announced that it was making a change to default cookies to SameSite:Lax if there is no SameSite setting explicitly set. I wrote about this change last year (https://www.jardinesoftware.net/2019/10/28/samesite-by-default-in-2020/). This change could have an impact on some sites, so it is important that you test this out. The changes are supposed to start rolling out in February (this month). The linked post shows how to force these defaults in both FireFox and Chrome. In … [Read more...] about Chrome is making some changes.. are you ready?

Filed Under: General Tagged With: application security, AppSec, chrome, developer, secure code, secure development, secure testing

  • Go to page 1
  • Go to page 2
  • Go to page 3
  • Interim pages omitted …
  • Go to page 9
  • Go to Next Page »

Primary Sidebar

Contact Us:

Contact us today to see how we can help.
Contact Us

Footer

Company Profile

Are you tackling the challenge to integrate security into the development process? Application security can be a complex task and often … Read More... about Home

Resources

Podcasts
DevelopSec
Down the Security Rabbithole (#DTSR)

Blogs
DevelopSec
Jardine Software

Engage With Us

  • Email
  • GitHub
  • Twitter
  • YouTube

Contact Us

DevelopSec
Email: james@developsec.com



Privacy Policy

© Copyright 2018 Developsec · All Rights Reserved