Chief Scientist Emeritus Fabian Yamaguchi and foundational Code Property Graph technology recognized with IEEE Test of Time Award
The latest executive order on cybersecurity issued today, Jan 16 2024, covers a lot of ground across multiple cybersecurity domains, from software security to post-quantum cryptography. The White House is sending a clear message to both the public and private sectors that the threats from foreign adversaries are more dire than ever. It comes at […]
READ MOREIntroduction Race conditions linger as elusive threats in the domain of concurrent programming, creating a fertile ground for inconsistencies and unforeseen security vulnerabilities. These subtle programming bugs arise when multiple processes access shared resources simultaneously, leading to unpredictable and undesirable outcomes. This article will journey through the labyrinth of race conditions, exploring their implications on […]
The serialization and deserialization processes make it easier for applications to communicate by preserving an object’s attributes and assigned values. While serialization breaks the object into smaller components, deserialization rebuilds it so that the application can interact with it. Unfortunately, as soon as any code is broken into smaller chunks, attackers can find a way […]
Telehealth and the technologies that enable remote care continue to become more popular. For example, in January 2023, telehealth utilization grew by 7% and accounted for 5.5% of all medical claims. Doctors and healthcare delivery organizations (HDOs) need to monitor and track patient progress, especially for people with chronic illnesses like cardiac disease, respiratory problems, […]
Introduction Diving into the depths of application development often reveals the lurking dangers of sensitive information exposure. Secure management of environment variables, often used to store secrets like API keys and credentials, becomes a pivotal practice in navigating these treacherous waters. In this deep dive, we will explore the intricacies, best practices, and common pitfalls […]
Introduction Remote Code Execution (RCE) is a term every web developer should be intimately familiar with. It’s the dark cloud that could spell disaster for your meticulously crafted application. An RCE attack can lead to unauthorized access and manipulation of your application, giving attackers the leverage to exploit your system’s vulnerabilities. Let’s dive into the […]
As a developer, you probably have a love/hate relationship with JavaScript. According to the 2023 Stack Overflow Developer Survey, JavaScript maintained its eleven-year winning streak as the commonly-used programming language, yet only 57.83% admired it while those who desired it dwindled to 40.15% of respondents. Sure, you use it. Sure, it’s been around a while. […]
Introduction GraphQL: A powerful querying language that allows developers to ask for exactly what they need, nothing more, nothing less. While it’s renowned for its efficiency and flexibility, it’s crucial to acknowledge the associated security implications. It’s like the double-edged sword that, if not handled with caution, can lead to potential vulnerabilities. Let’s explore the […]
Introduction Caching is often likened to a magician’s sleight of hand, making web applications run seamlessly and swiftly. But as with any magic trick, it can lead to unintended consequences if not executed precisely. In the vast world of web development, understanding cache control is important. It bridges performance and security, ensuring your application remains […]
There’s no doubt AI is a big part of our lives. Qwiet AI utilizes AI for vulnerability detection in code, my high schoolers have their papers checked to see if they were written by ChatGPT, and one of my IMDb credits is for a movie about AI taking over our lives. It’s a huge topic […]