SecuRing your software

You have received a security report and wonder what to do next? Here are proven ways to help you introduce a higher level of security.

What is the best place to keep your secrets secure on Android devices? This article shows available methods and our security…

What is front-running and what actions can you take to minimize the negative effects of this attack? Here’s our recommendations to make…

This article contains good practices of AWS Monitoring and Alerting configuration. We also showed a few real-world evasion techniques.

From this article, you’ll learn how to implement protection measures against reverse engineering in your android application.

We present potential threats of performing local authorization on iOS. You will learn how to protect your resources.

This article presents our vision for standard updates in SCSVS.

WebView is in common use in Android applications. Here you will find tips on how to use WebView with security in mind.

What you should consider when trying to securely integrate with SAML Identity Provider.

Secure network communication is one of the most critical aspects of mobile application development. In this article, you will find tips on…

This post discusses how to ensure secure WebViews and how to keep the attack surface restricted.

Reentrancy is as old as Solidity itself, and even older because it’s not the only programming language it appears in. It got a lot of…

This article is an introduction to our open source project: Financial Application Features Security Guide (FAFSG).

Do you want your software to be secure in its DNA? This post is our overview of two possible ways to improve security awareness.

In our security tests and reviews of the AWS infrastructure , we often come across repeated oversights. Here are the most common ones.

In this article, we fooled popular Face Recognition APIs such as Azure Cognitive Services, Amazon Rekognition, and Face++.

This article shows why you should always change the secrets in case they were leaked in previous versions of the application.

To this day, we encounter programs that use unencrypted HTTP on occasion. This article is all about secure networking on iOS.

The purpose of this article is to make you aware of the risks associated with improper usage of instance identifiers.

What difference does threat modeling make? What are the benefits of having a Security Champion? Read more in this article.

Cloud infrastructure is becoming a standard, but correct access settings still do not seem so obvious. See how we managed to make use of…

It is not worth being indulgent with other operating systems. See howyou can align the level of security in your organization.

In this article, we will go through available methods and show you the recommended way to do this.

What steps to take for an effective analysis of the attack surface? See our approach to Threat modeling methodology.