Data Safety and Information Security

Sun Tzu wrote that mastery in the art of war is about subduing one’s enemy without having to fight. As the modern world contends with increasingly sophisticated cyberattacks from both criminal and political adversaries, this 2500-year-old cliché is key to enterprise security strategy. Today, the “bad guys” of the Internet are both professional in their…

What exactly is Steganography?

None of us want to build products that put our users’ safety at risk, but how do you reduce the risk that our products will be weaponized by abusers? In this excerpt from Design for Safety, Eva Pen…

When it comes to implementing access control in your application, the scheme you decide to use can either make authorization easy to manage as your application and user base grows, or it can really paint you into a corner.

The top developer site GitHub has had enough second-rate security. So, as of August 13th, GitHub blocked the use of account passwords when authenticating Git operations.

Data is a new asset class in the digital world - and identity is the new money. The most important piece of data is certainly personal data. ✅

data datasets colonial revolutionary America Atlantic caribbean

Tutorial: Learn how to log into input limited devices like TVs and terminals using the OAuth 2.0 Device Grant!

Everything you need to know about sigstore project and its role in software supply chain trust and security

In an award-winning paper today, academics said they discovered a way to abuse the TCP protocol, firewalls, and other network middleboxes to launch giant distributed denial of service (DDoS) attacks against any target on the internet.

Tired of high costs and inefficiency? Consider crafting your own SIEM with a look at how Two Sigma built a faster, more effective solution.

Drew Gallis, analyst at WillowTree, leverages Feedly for Cybersecurity to track cyber threats across the company’s supply chain and protect clients

Just who is responsible for cloud security when platforms are, in some ways, controlled by a third-party cloud services vendor?

Researchers detail novel way of increasing cyber-attack surface

CrowdSec is a collaborative EDR leveraging the crowd power. Analyze behaviors, respond to attacks & share signals across the community. Security should be accessible to everyone. We make it happen. For free. Join our community and let's make the Internet safer, together.

Envelopes and Wrappers and Formats, Oh My!