Latest Posts

The Web Is Not Tomorrow But Today

Over the past 20 years, the web has evolved from a basic document sharing network to a platform capable of doing things we didn’t even know to be possible at the time of its creation. The web has struggled to adapt to its users’ needs since its inception, and as the web grew, many mistakes were made, only to be solved later on. Read More

Recap OWASP AppSecUSA 2016

OWASP’s 13th Annual AppSecUSA Security Conference (held at the Renaissance Washington, DC Downtown Hotel in Washington DC, USA) was an amazing opportunity to discuss security with developers and security experts from across the U.S. and around the world. If you were unable to attend AppSec USA 2016, don’t worry, OWASP recorded all of the sessions, which will eventually be posted on the OWASP YouTube channel. In the meantime, take a look at the major highlights we picked from the event: Read More

Getting Started with Angular 2 End To End Testing

There have been many reasons I have held out on adding automated testing to my applications in the past. One of them was not knowing the benefit vs cost ratio. Another is the thought that they would be hard to integrate into existing production applications. How do we go about testing our applications without rewriting them from scratch just to introduce testing into them? Read More

Optimizing React Rendering through Virtualization

Even though React is fairly performant out-of-the-box, sometimes you need to tune it. The most common trick is to implement the shouldComponentUpdate lifecycle method so that React can skip rendering based on a custom check. This can be convenient if equality checks against the data happen to be cheap (i.e. you are using some library providing immutable structures).
Sometimes this isn’t enough. Consider rendering thousands of lines of tabular data. It can quickly become a heavy operation even if you have nice checks in place. That is when you need to be more clever and implement a context-specific optimization. Read More

The Most Effective Way to Protect Client-Side JavaScript Applications

There are many useful features in a client-side technology like JavaScript. That’s what made it the most popular programming language in the world. It features many advantages, immediate parsing being one of them. This has benefits, for example, as the browser executes code right as it downloads content. But, with this level of freedom comes responsibility. Read More

How to Store Passwords Safely

The security of users’ passwords is one of the most important aspects of developing your web application. Unfortunately, making a good authentication script that will safely store your data is not a piece of cake. It’s incredibly easy to get it wrong. The best way is not to store passwords at all, but… sometimes you have to. Let’s think about how to make it as safe as possible. Read More