Games are good, mods are immortal (Ep. 446)
On this home team episode of the podcast, Ben, Cassidy, and Matt talk about small computers, big nostalgia, and security flaws that you could script a truck through.
Stack under attack: what we learned about handling DDoS attacks
When the bots came for us, we strengthened our defenses. Here's what we learned about parrying a few DDoS attacks.
Josh Zhang
Staff Site Reliability Engineer
Security needs to shift left into the software development lifecycle
Security needs to move from an afterthought to a primary concern in software development. Here's what shifting left looks like for real-world developers.
“Your salary shouldn’t be dictated by how good a negotiator you are.” (Ep. 432)
The home team discusses pay equity at New Relic, Okta’s security SNAFU, and the AI creating “wildly good” generative art.
Eira May
Content Writer
The complete guide to protecting your APIs with OAuth2 (part 1)
OAuth2 is one of the most popular specifications for API authentication today, though wrapping your head around it can be a challenge.
Here’s how Stack Overflow users responded to Log4Shell, the Log4j vulnerability affecting almost everyone
When the Log4j security issue was disclosed, developers came looking for answers. We took a look at our site data around it.
David Gibson
Senior Data Scientist
Podcast 398: Feeling insecure about code’s security
Are your TikTok confessions GDPR-compliant?
Eira May
Content Writer
Shift to remote work prompted more cybersecurity questions than any breach
For this edition of Stack Overflow Knows, we did a deep dive into cybersecurity topics across Stack Overflow and Stack Exchange sites to spotlight trends and reflect on how conversations are evolving within the developer and technical community.
David Gibson
Senior Data Scientist
Podcast 369: Passwords are dead! Long live the new authentication flows.
Magic links get you in the door safer than passwords.
A deeper dive into our May 2019 security incident
We take a detailed look at a hacking incident that gave a user unauthorized access to our code and data.
Dean Ward
Principal Developer - Former
Security considerations for OTA software updates for IoT gateway devices
In order to respond to threats, device designers must remotely update, which if implemented poorly, can provide another vector for attacks. In this post, dig into specifics related specifically to the over-the-air (OTA) software update framework in an enterprise setting.
