SameSite - Defense in Depth for HTTP Cookies
Not a lot has changed in recent years with the security of HTTP cookies. As web application security testers, we have been performing a pretty standard »
What we learned about cloud security running a SaaS in AWS for 5 years - Part 4 - Network Security
This is Part 4 of a multi-part series of posts on how we securely ran ThreatSim in AWS for 5 years and never lost a customer »
What we learned about cloud security running a SaaS in AWS for 5 years - Part 3 - Identity and Access Management
This is Part 3 of a multi-part series of posts on how we securely ran ThreatSim in AWS for 5 years and never lost a customer »
What we learned about cloud security running a SaaS in AWS for 5 years - Part 2 - AWS Account Security
This is Part 2 of a multi-part series of posts on how we securely ran ThreatSim in AWS for 5 years and never lost a customer »
What we learned about cloud security running a SaaS in AWS for 5 years - Part 1
This is the first in a series of posts on how we ran a SaaS in AWS that stored highly sensitive enterprise user data and not »
