The alarming state of secure coding neglect
A survey reveals a deep divide between developer aspirations for security and organizational practices.
Insights, tools, and best practices to keep your organization and users secure.
Ideas
What can I do with Security+ certification?
Learn about the possible career opportunities once you have become Security+ certified.
Yes, and... Moving beyond the culture of "no"
The benefits of employing an improvisational comedy tool in security communication.
Dave Lewis on the tenacity of solvable security problems
The O’Reilly Security Podcast: Compounding security technical debt, the importance of security hygiene, and how the speed of innovation reintroduces vulnerabilities.
Balancing frontend security and performance with HTTP Strict Transport Security
What is HTTP Strict Transport Security and why should you use it?
Kelly Shortridge on overcoming common missteps affecting security decision-making
The O’Reilly Security Podcast: How adversarial posture affects decision-making, how decision trees can build more dynamic defenses, and the imperative role of UX in security.
Learning
Learn faster. Dig deeper. See farther.
Join Safari. Get a free trial today and find answers on the fly, or master something new and useful.
Video
How can I retrieve application secrets securely with AWS Lambda?
Learn how uncoupling development from security using AWS Identity and Access Management can enhance security.
Video
How can I scan my network using Nmap?
Learn how you can use Nmap to scan your network to find out which services and hosts are listening and may be vulnerable to compromise.
Runnable code
A human-centric trust model for the Internet of Things
Building transparency and individual choice into IoT security.
Video
Activating human intrusion detection systems
Expanding the blue team by building a security culture program.
Video
What are some common pitfalls when using enterprise cloud computing solutions?
Learn how to prevent potential enterprise data leakages from your cloud computing accounts.
People
Allison Miller
Allison Miller works in product management at Google, mitigating risks to Google and end-users. Prior to her current role, Allison held technical and leadership roles in security, risk analytics, and payments/commerce at Electronic Arts, Tagged.com, PayPal/eBay, and Visa International. Miller is a p...
Zane Lackey
Zane Lackey is the Co-Founder/CSO at Signal Sciences and serves on the Advisory Boards of the Internet Bug Bounty Program and the US State Department-backed Open Technology Fund. Prior to Signal Scien...
Guy Podjarny
Guy Podjarny is a cofounder at Snyk.io focusing on the security risk in your dependencies. Guy was previously CTO at Akamai and founder of Blaze.io. Guy is a frequent conference speaker, the author of...
Topic image: Conway Castle, North Wales, by Joseph Mallord William Turner (British, 1775 - 1851)
(source: Getty Museum).