The Qwiet Blog

Introduction Caching is often likened to a magician’s sleight of hand, making web applications run seamlessly and swiftly. But as with any magic trick, it can lead to unintended consequences if not executed precisely. In the vast world of web development, understanding cache control is important. It bridges performance and security, ensuring your application remains […]

You likely know the old saying about “those of us who assume” and what it does to people. Although you typically use this phrase when discussing person-to-person interactions, you can also apply it to application programming. Applications are complex because they often run multiple tasks in a short time. On the other hand, they’re unintelligent […]

As telemedicine, AI diagnostics, and patient-centric apps gain traction, the role of secure and compliant application development is more crucial than ever.  Leaders must now navigate this dual arena of rapid tech advancements and stringent data protection requirements in a field that is seeing a steady increase in cyberattacks and databreaches.   What is the primary […]

“It was a dark and stormy night…” While this introduction works for spooky stories, no developer wants their app to become nightmare fuel. While you might be able to grab a flashlight to comfort yourself around a campfire, you don’t have the same protection when you’re working on an application. Increasingly, developers use third-party code […]

Introduction Let’s dive into the fascinating world of web security, specifically discussing a notorious threat – clickjacking. Imagine a user clicking on a button thinking they like a photo but instead transferring money from their bank account. Scary, right? That’s clickjacking for you. This threat not only compromises user trust but can also deal a […]

As the neverending stream of publications implementing Executive Order (EO) 14028 continue to drop, the National Institute of Standards and Technology (NIST) continues to provide additional guidance. At the end of August 2023, NIST released its most recent draft Special Publication (SP) 800-204D “Strategies for the Integration of Software Supply Chain Security in DevSecOps CI/CD […]

At the end of August 2023, Jenkins announced it experienced 79% growth between June 2021 and June 2023. With an estimated 44% market share, Jenkins is a critical technology automating CI/CD pipelines.  As a technology pervasive across the developer community, the Jenkins vulnerabilities announced on August 6, 2023, will likely attract attackers seeking to infiltrate […]

By Lukas Seidel Coding in dynamic languages like JavaScript and Python is fun and allows for fast iterations, but it comes with a cost. Without proper type information, developers are missing out on the ability to catch bugs early and get helpful IDE support. But the absence of properly typed variables makes life tricky not […]

Introduction The world of application development is a balance between providing features and ensuring security. One tool that stands as a bridge between functionality and security is the JSON Web Token (JWT). While powerful and versatile, like all tools, it requires understanding and caution in its implementation. A Primer on JWTs JWT is a concise, […]