Meet Hank. Hank is a web application with a dark secret. It trusts you, the user, to not change things in the browser. Bad Hank. Learn how to fix it!
The Content-Security-Policy header exists to protect the users of your web site from the content they themselves might create.
Should I use a Web Application Firewall? What is it? What benefit will it give me? When would I use it? Read on to learn!
Web applications may not be inherently secure. But we want them Internet available anyway. How can we reconcile these two? Let’s see!
Agilicus presents its architecture, philosophy, and strategy at the CNCF Eastern Canada Stories Meetup.
We often think in Boolean terms: Outside Bad, Inside Good
Instead, assume each layer will be breached
Your corporate firewall. That invulnerable bastion that lets you fearlessly run less-than-secure internal tools like a CRM, a Finance portal. But, is it really invulnerable? Or is it a paper wall at best? We look at how Cross-Site-Scripting vulnerabilities, known session ID cookies or access tokens can allow content from the world to pierce it as if it were not there. We do this using the weakest link: you.
Ensure new team members receive proper workplace training. Demonstrate compliance. Even if those workers don’t have accounts or desks.
For audit, security, and tracing, we want the origin IP logged. Load-balancers can mask this. Learn how to log the true client IP from nginx with Lua, when that nginx is behind a load-balancer (reverse proxy).
The Canada Emergency Wage Subsidy. Rolled out fast, rolled out awesome. The end-user experience of this was truly great.