InfoSec Write-ups·2ySecuring the Frontend: A Practical Guide for Developers
This post explores the relationship between frontend development and cybersecurity. It discusses the cybersecurity threats in the frontend, best practices for secure frontend development, and strategies for integrating security into the user experience. Real-world case studies from Google, GitHub, Facebook, Stripe, and Slack are also presented.
Developer Tech·2yApple is killing web apps in the EU
Apple is discontinuing support for web apps in the EU, raising concerns among developers and users alike. The decision is attributed to the complexities of aligning web apps with the requirements of the Digital Markets Act (DMA). Apple defends its stance by highlighting the security and privacy framework of iOS's native apps.
Cerbos·2yElevating cybersecurity in 2024: The imperative for stronger authorization practices
The global average cost of a data breach in 2023 increased by 15% in three years, emphasizing the need for stronger authorization practices. Lessons from this year emphasize the importance of adopting a comprehensive and holistic approach to authorization. Businesses should shift from dispersed, code-embedded authorization logic to centralized authorization systems governed by clear policies. Policy-Based Access Control (PBAC) systems and cloud-based solutions can help businesses adapt to evolving security threats and scalability needs. Continuous learning, interoperability, and off-the-shelf access control systems are vital considerations for improving authorization practices.
