CodeOpinions
Cross-Site Request Forgery is dead!
How same-site cookies can help.
CodeSamples
Say hello to security.txt
How to let others disclose website vulnerabilities responsibly.
CodeOpinions
HTTPS Anti-Vaxxers
Dispelling common arguments against securing the web.
CodeResources
A new security header: Feature Policy
How you can use it to enable or disable certain website features.
BusinessOpinions
URLs are hard, let's kill them
Why it’s better to show users only what they need.
CodeTools
Big HTTPS changes coming in Chrome
They will help push the web to be even more secure.
CodeOpinions
Why we need to do more to reduce certificate lifetimes
It’s time to improve the security of your website.
CodeResources
Introducing another free CA as an alternative to Let's Encrypt
It’s always a good idea to have another option.
CodeSamples
Here’s another free CA as an alternative to Let’s Encrypt
Now you have four options to get a free digital certificate.
CodeSamples
The danger of open redirects
How something as simple as a redirect can end up.