Get insights from
the Qwiet AI team

It started as a well-intentioned plan to help businesses access real-time tracking data to provide better service to their customers.  The “Informed Visibility System” by the USPS started off with great intentions, but unfortunately rolled out the red carpet for cyberciminals, exposing sensitive data on 60 million users. The business team found a need and […]

Introduction SQL Injection: It’s like the pesky mosquito of web security, always buzzing around, looking for a way to suck the life out of your database. But don’t break out the bug spray just yet; we’ve got two powerful tools to swat this bug: Parameterized Queries and Stored Procedures. So, let’s roll up our sleeves […]

Imagine an application that doesn’t contain any data. You most likely read that sentence and thought, “Then that application is pretty pointless from a business perspective.” Business applications offer value precisely because users can ask questions and get answers. However, the application typically needs to query a database to get those answers and SQL is […]

While Bugs Bunny and company may be part of your favorite childhood memories, the Looney Tunables vulnerability could become one of your worst nightmares. CVE-2023-4911 remains under analysis but comes with a base Common Vulnerability Scoring System (CVSS) score of 7.8 (high). Primarily impacting Fedora, Ubuntu, and Debian, the easily exploitable buffer overflow vulnerability gives […]

As a developer, you know that the first rule of secure code club is to use trusted third-party repositories. However, threat actors engaging in software supply chain attacks target the trusted sources precisely because they know that developers are likely to use them. For example, in a recent blog post, a security researcher explained how […]

Software and application development has changed significantly with the introduction of cloud-based services. Historically, developers write code on local desktops or laptops, meaning attackers needed to compromise the physical device. Further, this limited malicious actors’ ability to compromise the entire source code because no single developer had it stored on their device in its entirety. […]

Introduction CORS: Four simple letters that carry immense weight in web security. As the digital landscape expands, the bridges that allow our applications to communicate become crucial. CORS is that bridge. The unsung hero ensures seamless interactions, but a slight misstep can lead to vulnerabilities. Let’s journey to understand CORS better and ensure our web […]

As telemedicine, AI diagnostics, and patient-centric apps gain traction, the role of secure and compliant application development is more crucial than ever.  Leaders must now navigate this dual arena of rapid tech advancements and stringent data protection requirements in a field that is seeing a steady increase in cyberattacks and databreaches.   What is the primary […]

“It was a dark and stormy night…” While this introduction works for spooky stories, no developer wants their app to become nightmare fuel. While you might be able to grab a flashlight to comfort yourself around a campfire, you don’t have the same protection when you’re working on an application. Increasingly, developers use third-party code […]