Let’s get the obvious part of this article out of the way first: if you don’t sanitize your data you’ll always be vulnerable to cross-site scripting (XSS) attacks, no matter what framework you use.
Most CTOs today have a software engineering background but have only limited knowledge about securing applications at scale.
What do we do?
If you are reading this, you’ve probably already heard about us, and in this post I do not want to talk about “Who we are” , instead I’d like to talk about How we check the Security Status of your company from the outside with almost no information other than your domain name.
We have entered the final stretch and we want to provide everyone in our community with an update on our progress and upcoming plans. Back in July we outlined a set of initiatives and have made significant progress on them since.
- A bug in the Google+ API left data like name, email address and gender of up to 500,000 users exposed
- Google patched the issue earlier this year and didn’t find any evidence of the data being misused
- This is the final nail in the coffin for Google+, which will be shut down by the end of 2019
In the past couple years we’ve seen a few giants either fall under scrutiny for how they’ve handled their user’s personal information –ahem-Facebook!-, or straight up had their user data held for ransom as was the case with Uber.
If you’ve been involved in software development in recent years, then you should be aware of the term “Penetration Testing”.
Our team continuously strives to improve the happiness and comfort of our customers. We are in charge of understanding developers’ challenges in searching to improve their software security without sacrificing development time, which is quite limited!
The breaking point that puts an end to all the great features of WordPress, is computer security, because having firm foundations and business technology pillars, we will always question the continuity of the business. And so the phrase is born: WordPress is not safe. This phrase, absent from technical analysis, whose conventional meaning is repeated again and again without alterations, represents a commercial error of great importance, because a good computing professional knows that WordPress is safe, and that the real problem lies in the administration of the CMS and the establishment of protocols through which a website, regardless of the content management system (CMS) used, is always subjected to various and periodic security analyzes. This is what is known in the field of computing security, as the human factor.