The Rise of AI-Driven API Vulnerabilities
AI has had dramatic impacts on almost every facet of every industry. API security is no exception. Up until recently, defending APIs meant guarding against…
Don’t get me wrong—Cursor is genuinely awesome. It’s probably the best AI-native code editor ever built, with incredibly thoughtful integrations and a user experience that…
Sharing thoughts and approaches on DevSecOps, which integrates development (Dev), security (Sec), and operations (Ops) to embed security throughout the development lifecycle. What is DevSecOps?…
Organizations are adopting bug bounty programs more and more as part of a layered security strategy to address the skills gap and to help their…
A summary of common security vulnerabilities in GraphQL and their mitigation strategies. GraphQL provides superior flexibility and efficiency compared to traditional REST APIs by allowing…
In this article, I’ll explain Server-Sent Events (SSE), one of the technologies for implementing real-time data communication in web applications. We’ll explore the basic concepts…
A guide on securing WebSocket to protect real-time applications from common vulnerabilities. This article covers the security vulnerabilities of WebSocket, which enables real-time bidirectional communication,…
Cookies play a crucial role in web applications, but at the same time, they require careful attention to security settings. In this post, we’ll take…
A guide to understanding and implementing Subresource Integrity (SRI) for enhanced web security. Subresource Integrity (SRI) is a security feature that enables browsers to verify…
Learn about Content Security Policy (CSP), its importance, how it works, and how it enhances web security. What is Content Security Policy (CSP)? Content Security…
Setting up new Wi-Fi? Picking the type of password you need can seem like an arbitrary choice. After all, WEP, WPA, WPA2, and WPA3 all…
You can now subscribe to my email list on victoria.dev! Here’s how I lovingly built a subscription sign up flow with email confirmation that doesn’t…