Let's Talk
Security In Layers: Preventing XSS Attacks with AWS S3 Direct Upload
Posted by
For any any web developer, allowing users to upload files to a service and then serving those files back other users is a great way to open those users and your service up to a whole host of security vulnerabilities. This article will attempt to give some guidelines on a few things to be aware of when hosting user files, and is specifically aimed at using Amazon S3 direct upload.
Posted by
Everything on the back-end is super-securely encrypted--but how do you know? By sticking to a few simple design guidelines, your secure site with actually feel secure and instill confidence in your visitors.
How Fusionbox addresses security as a core facet of its culture
Posted by
There's a misconception that security can be added with a product or service, or worked into an existing codebase as an afterthought. However, achieving security requires conscious thought at every step of designing and implementing software, and every decision should take security considerations into account.
Security Without Authentication - Shareable Secret Links in Django
Posted by
Sometimes you need to restrict access to a resource without requiring authentication. While authentication is best when possible, Django makes it easy to do either way.