Who are you? Who? Who? If you’ve ever hummed that song to yourself when coding, then you already know the fundamental use case for the Lightweight Directory Access Protocol (LDAP). LDAP is the protocol that communicates access and authentication data across various technologies. As a vendor-neutral, open protocol, LDAP works with proprietary directory tools, like […]
READ MOREIntroduction HTTP Security Headers are akin to the guardians of web security, playing a pivotal role in safeguarding web applications against a myriad of threats. However, the path to implementing these headers is riddled with potential missteps. A minor misconfiguration can render them ineffective, exposing your application to exploits. This article will unravel developers’ typical […]
Introduction Race conditions linger as elusive threats in the domain of concurrent programming, creating a fertile ground for inconsistencies and unforeseen security vulnerabilities. These subtle programming bugs arise when multiple processes access shared resources simultaneously, leading to unpredictable and undesirable outcomes. This article will journey through the labyrinth of race conditions, exploring their implications on […]
Remote code execution (RCE) has been a part of many cybersecurity news headlines throughout the past few years. When attackers exploit an RCE vulnerability, they can gain complete control over the target machines or systems, almost like an invisible hand puppeteering the technologies. As a developer, you should know how to identify and remediate a […]
I’m sure we’re all familiar with the idea made popular by Malcolm Gladwell’s book Outliers that it takes 10,000 hours to truly master something. Based on the paper “The Role of Deliberate Practice in the Acquisition of Expert Performance“, the research data indicates that people who are experts in a field got to that level […]
We all do it. When we are recalling a story or something that happened in our lives, we fill in the “fuzzy” areas with what we believe to be the truth. It’s human nature to embellish somewhat or simply fill in the blanks with what could be facts based on our recollection, but often are […]
For a lot of programmers, Python is their “love language.” Easy to learn and use, Python is perfect for building cutting-edge machine learning and cloud computing projects. Unfortunately, knowing that programmers love Python, malicious actors have started targeting the Python Package Index (PyPI) as part of supply chain attacks. As researchers identify more malicious Python […]
The National Cybersecurity Strategy Implementation Plan plays a vital role in safeguarding the digital infrastructure of the nation. This comprehensive plan, outlined by the White House, is comprised of three pillars and sets forth a roadmap to enhance cybersecurity measures across various sectors. Pillar Three of the implementation plan focuses on the need for developers […]
Software engineers’ ideal state includes being able to work with minimal disruption. This “flow state” is when they are most productive and have the best chance of delivering the products and features they are tasked with producing within the required timeline. Whenever something adversely impacts their flow state productivity, mental health, and overall effectiveness may […]
As we embark on this new chapter in application security, it’s important to understand how AI and machine learning can provide greater understanding and insight into vulnerabilities than older methods of detection. In this article we will cover the following: The risk of using vulnerable dependencies (directly or transitively) Not all vulnerabilities pose risk. Why not? […]
AI Findings Qwiet AI has introduced a new finding category within the preZero application. In addition to the standard fields at the top of the screen, a new category labeled “AI Findings” will now be visible. This is the first iteration of the AI/ML detection engine within the preZero platform, which will have a tremendous […]
On March 21, the Biden administration directed US companies to “harden your cyber defenses immediately.” With these new federal guidelines for application security, the White House urged software developers to deploy “modern tools that can detect known and potential vulnerabilities” in their custom and open-source software (OSS). Learn more about how ShiftLeft can help.
© 2023 Qwiet. All rights reserved.