InfoSec for Developers is a developer resource for all things Encryption and InfoSec. No FUD. Just Stuff.

Adam Shostack on InfoSec for Developers Expert Speak - Adam Shostack
InfoSec expert Adam Shostack answers 5 #Developer #Security Questions.
 

JWT-vs-JWS-vs-JWE JWT vs JWS vs JWE
What is the difference and when to use which.
 

Ben Rothke on InfoSec for Developers Expert Speak - Ben Rothke
InfoSec expert answers 5 #Developer #Security Questions.
 

Attack Vectors Against Identity Data - Whitepaper Attack Vectors Against Identity Data
Whitepaper that lists most prevalent attack vectors against identity data, and how to enable protection against these attack vectors.
 

5 Tips to Secure PostgreSQL 5 Tips to Secure PostgreSQL
Protect your PostgreSQL database from nasty breaches and hacking attacks.
 

AWS Security Best Practices AWS Security Best Practices
Get top 5 best practices to ensure complete security of your AWS cloud.
 

Michael McCabe on InfoSec for Developers Expert Speak - Michael McCabe
InfoSec expert answers 5 #Developer #Security Questions.
 

How To Prevent jQuery and Cross-Site Scripting How To Prevent jQuery and Cross-Site Scripting
Learn how to prevent the vulnerability due to stored XSS using input validation and output escaping.
 

AWS Shared Responsibility Model for Data Security - Whitepaper AWS Shared Responsibility Model for Data Security
Whitepaper that tells app developers what they should know about the AWS Shared Responsibility Model for Data Security.
 

How Should Startups Do Data Security - 8 Tips You’re A Startup. How Should You Do Data Security?
8 Data Security Must-Haves for startups that are always low on time, money, dev hours and especially sys-admin hours.
 

Encryption Errors that Developers Should Avoid - InfoWorld Encryption Errors That Developers Should Avoid
Encryption can alleviate the impact of security breaches; but it has to be done right.
 

HSTS - Why Needed and How To Configure HSTS: Why Needed and How To Configure
Why developers need HTTP Strict Transport Security (HSTS) and how to configure it.
 

Bring Your Own Encryption Keys Bring Your Own Encryption Keys
Bring Your Own Keys (BYOK) for encryption model brings in trust into SaaS.
 

To Encrypt or Not To Encrypt To Encrypt or Not To Encrypt?
5 True Answers that bust the myths around encryption and conclusively answers the question - To Encrypt of Not to Encrypt.