HTTP Basic Auth has been with us for ages. Some despise it for its insecurity, while others love it for its simplicity. Should you opt for using it or avoid it at all cost?
The Web API Authentication guide, The intro
As a developer, you will most likely get in the situation, where you have to decide how to authenticate your API. How would you deal with it?
Hello, my name is Daniel Szpisjak
Your time as a Software Engineer is valuable. I get it and respect it. This blog is designed to contain small, easily consumable drops of security knowledge essential for You.
Data Integrity Primer
Data integrity is rarely talked about, even though it comprises the basis of many data flows a modern web application has to deal with. From a security perspective, integrity deals with protecting data
About trusting data
"Never trust user input" - say the wise. Sound advice, although it raises more questions than it answers. First of all, what does it mean to trust a piece of data?
Security for Software Engineers
Solid security knowledge among developers is scarce these days, simply because it is not as spectacular and sexy as a new framework or a cool new tech. Nevertheless, it is real and will