Learnings
Boost your knowledge with the insights from our expert team.
Django REST Framework quick security tips
https://cheatsheetseries.owasp.org/cheatsheets/Django_REST_Framework_Cheat_Sheet.html
Dennys Azevedo
Aug 4, 2023
Topics:
django, owasp, python, security
Four pillars to maintain/improve your codebase health
https://leaddev.com/tech/four-pillars-code-health
Dennys Azevedo
Dec 22, 2022
Topics:
automation, insights, maintainability, security
Drop-in replacement for Python's CSV library that tries to mitigate CSV injection attacks
https://pypi.org/project/defusedcsv/
Flavio Juvenal
Dec 9, 2022
Topics:
csv, python, security
Cacheable S3 signed URLs:
https://advancedweb.hu/cacheable-s3-signed-urls/
Flavio Juvenal
Sep 30, 2022
Topics:
aws, caching, performance, s3, security
Malicious npm Package Poses as Tailwind Tool
https://www.darkreading.com/application-security/malicious-npm-package-poses-tailwind-tool
Raí Siqueira
Sep 23, 2022
Topics:
javascript, npm, security
Why do Invalid Host header errors exist, what are attackers trying to achieve?
https://security.stackexchange.com/questions/227215/why-do-invalid-host-header-errors-exist-what-are-attackers-trying-to-achieve
Flavio Juvenal
Sep 9, 2022
Topics:
http, security
How SSL/TLS handshake works... in a comic!
https://howhttps.works/the-handshake/
Dennys Azevedo
Jun 15, 2022
Topics:
https, security, web
Prowler is an Open Source security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 240 controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.
https://github.com/prowler-cloud/prowler
Flavio Juvenal
Jun 9, 2022
Topics:
aws, security
django-axes, a plugin for keeping track of suspicious login attempts for your Django-based website and implementing simple brute-force attack blocking:
https://github.com/jazzband/django-axes
Rebeca Sarai
Jun 7, 2022
Topics:
django, login, security
Threat Alert: First Python Ransomware Attack Targeting Jupyter Notebooks:
https://blog.aquasec.com/python-ransomware-jupyter-notebook
Rebeca Sarai
Apr 11, 2022
Topics:
python, security
How Phishers Are Slinking Their Links Into LinkedIn:
https://krebsonsecurity.com/2022/02/how-phishers-are-slinking-their-links-into-linkedin/
Rebeca Sarai
Mar 3, 2022
Topics:
security
A capability-safe language would have minimized the impact of, or even prevented, the log4j vulnerability:
https://justinpombrio.net/2021/12/26/preventing-log4j-with-capabilities.html
Flavio Juvenal
Feb 22, 2022
Topics:
capability, safety, security
Never, Ever, Ever Use Pixelation for Redacting Text
https://bishopfox.com/blog/unredacter-tool-never-pixelation
Flavio Juvenal
Feb 16, 2022
Topics:
security
10 Unknown Security Pitfalls for Python:
https://blog.sonarsource.com/10-unknown-security-pitfalls-for-python
Flavio Juvenal
Feb 3, 2022
Topics:
python, security
"Critical security vulnerabilities on OpenSea’s platform that, if exploited, could have led hackers to hijack user accounts and steal entire crypto wallets of users, by sending malicious NFTs"
https://blog.checkpoint.com/2021/10/13/check-point-software-prevents-theft-of-crypto-wallets-on-opensea-the-worlds-largest-nft-marketplace/
Rebeca Sarai
Dec 29, 2021
Topics:
crypto, nfts, security
Content Security Policy Cheat Sheet
https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html
Pamella Bezerra
Dec 17, 2021
Topics:
security, web
A tool for scanning Python environments for known vulnerabilities:
https://pypi.org/project/pip-audit/
Flavio Juvenal
Dec 2, 2021
Topics:
dependencies, pip, python, security
An Overview of Best Practices for Security Headers:
https://developer.okta.com/blog/2021/10/18/security-headers-best-practices
Flavio Juvenal
Oct 26, 2021
Topics:
security, web
API Security Best Practices MegaGuide:
https://expeditedsecurity.com/api-security-best-practices-megaguide/
Flavio Juvenal
Oct 7, 2021
Topics:
api, security
Top 10 Container Security Best Practices
https://www.infracloud.io/blogs/top-10-things-for-container-security/
Gustavo Carvalho
Sep 20, 2021
Topics:
docker, security
May HSTS block access to your site when you renew your SSL certificate?
https://security.stackexchange.com/questions/124400/may-hsts-block-access-to-your-site-when-you-renew-your-ssl-certificate
Flavio Juvenal
Jul 13, 2021
Topics:
hsts, https, security
Stop using your work laptop or phone for personal stuff (HN discussion):
https://news.ycombinator.com/item?id=27622988
Flavio Juvenal
Jun 25, 2021
Topics:
security, worklife
Data Breach Investigations Report Highlights:
https://jacobian.org/2021/may/18/2021-dbir-highlights/
Rebeca Sarai
May 19, 2021
Topics:
security
Why you shouldn't use ENV variables for secret data:
https://simonwillison.net/2021/Apr/14/why-you-shouldnt-use-env-variables-for-secret-data/
Rebeca Sarai
Apr 15, 2021
Topics:
env, security