HTTP response headers can impact the user experience and the security of the web or mobile application. Server administrators can...

One of the most over-looked issues in web applications is vulnerabilities in someone else's code; 3rd-party JavaScript libraries. Vendors...

Content Security Policy (CSP) is a security framework built into the browser. CSP allows the browser to block content from sources other...

Cookie security is an oxymoron. Cookies exist in the browser; an inherently insecure location. However, there are several best-practices...

DevSecOps is a development methodolgy that enables rugged software with quality baked in from the start. A key component is security....