The Log4j zero-day vulnerability being referred to as “Log4Shell” (CVE-2021-44228) was first discovered on December 9th, 2021, and is getting a lot of well-deserved attention because of its wide reach and high severity. This Log4j vulnerability allows for unauthenticated remote code execution and can be weaponized to allow the complete takeover of a vulnerable system….
How Do I Use BitBucket Security Scanner?
The code management software Bitbucket helps teams collaborate more cohesively to improve the integration of high-quality code. Core features are available to all Bitbucket users, while the choice between cloud, data center, or on-site servers determines a user’s accessibility to several valuable abilities. Bitbucket’s user-friendly interface makes it easy to monitor and track all pull…
Bitbucket Security Best Practices for 2021
It’s challenging to keep up with the best cybersecurity practices, as recommended security measures change quickly and often. Thankfully, Bitbucket offers simple ways to maintain safe code. Although the specifics vary, the following best practices apply to almost any git repository. 1. Change Keys, Tokens and Passwords Often: Security begins at login, so information…
Supply Chain Attacks – Defend Against Dependency Substitution and Typosquatting
If you’ve referenced open-source software in your software development process, you’ve relied on code published to public repositories as “packages”. These packages can be an attack vector when a malicious actor uses Dependency Substitution or Typosquatting to create a supply chain attack. Those packages are downloaded and installed by a package manager. Each programming language…
Node.js Versioning
Node.js versioning is an essential skill for developers aiming to rapidly deploy secure web apps. Read about the tools that tame version management.
10 Ways to Make GitHub Safe
Is GitHub Safe? The platform is as safe as a developer makes it. Learn about the cheats, tools, and tactics to keep projects safe throughout development.
Change Node Versions
Changing Node versions and npm registries in a development environment is easy with the right tool.
BSD vs MIT License
The BSD vs MIT license contest has a lively history. Learn about the high-stakes gambles and exasperating missteps behind the leading FOSS licenses.
What Is Bower Used For?
Bower was once the most popular front-end package manager to use for web development projects. It took the legwork out of finding, installing, and saving appropriate versions of external software packages. Bower was built at and released by Twitter in 2012. The creators’ goal was to automate some necessary tasks related to dependency management to…
What Is Bower?
What is Bower, and what are the alternatives to this popular but deprecated package manager? Learn the past and future of client-side dependency management.