security Archives

code-for-a-living May 16, 2022

Stack under attack: what we learned about handling DDoS attacks

When the bots came for us, we strengthened our defenses. Here's what we learned about parrying a few DDoS attacks.

Josh Zhang Staff Site Reliability Engineer

code-for-a-living May 5, 2022

Security needs to shift left into the software development lifecycle

Security needs to move from an afterthought to a primary concern in software development. Here's what shifting left looks like for real-world developers.

Michael Chenetz

podcast April 12, 2022

“Your salary shouldn’t be dictated by how good a negotiator you are.” (Ep. 432)

The home team discusses pay equity at New Relic, Okta’s security SNAFU, and the AI creating “wildly good” generative art.

Eira May Content Writer

code-for-a-living April 11, 2022

The complete guide to protecting your APIs with OAuth2 (part 1)

OAuth2 is one of the most popular specifications for API authentication today, though wrapping your head around it can be a challenge.

Dan Moore

stackoverflowknows January 19, 2022

Here’s how Stack Overflow users responded to Log4Shell, the Log4j vulnerability affecting almost everyone

When the Log4j security issue was disclosed, developers came looking for answers. We took a look at our site data around it.

David Gibson Staff, Data Analytics and Insights

podcast December 7, 2021

Podcast 398: Feeling insecure about code’s security

Are your TikTok confessions GDPR-compliant?

Eira May Content Writer

stackoverflowknows October 11, 2021

Shift to remote work prompted more cybersecurity questions than any breach

For this edition of Stack Overflow Knows, we did a deep dive into cybersecurity topics across Stack Overflow and Stack Exchange sites to spotlight trends and reflect on how conversations are evolving within the developer and technical community.

David Gibson Staff, Data Analytics and Insights

podcast August 24, 2021

Podcast 369: Passwords are dead! Long live the new authentication flows.

Magic links get you in the door safer than passwords.

Ryan Donovan

company January 25, 2021

A deeper dive into our May 2019 security incident

We take a detailed look at a hacking incident that gave a user unauthorized access to our code and data.

Dean Ward Principal Developer - Former

code-for-a-living December 14, 2020

Security considerations for OTA software updates for IoT gateway devices

In order to respond to threats, device designers must remotely update, which if implemented poorly, can provide another vector for attacks. In this post, dig into specifics related specifically to the over-the-air (OTA) software update framework in an enterprise setting.

Drew Moseley

podcast August 4, 2020

Podcast 257: a few of our favorite haxx

From the Samy Worm to WannaCry, we chat about a decade worth of security snafus.

Ben Popper Director of Content