Security

Internet privacy’s cutting-edge technology includes encrypted server name indication (ESNI) and encrypted DNS in the form of DNS over HTTPS (DoH). Find out what they are, why they exist, and how they work.

The de facto standard for web application security is the Open Web Application Security Project’s Top 10 Project. It lists the ten most prevalent security threats based on an extensive amount of data and community feedback and was updated in late 2017.

In this article, Toptal Freelance Full-stack and System Security Developer Hrvoje Gazibara discusses the changes to the OWASP Top 10’s most recent revision by illustrating new vulnerabilities, and even some that were removed.

Learn how, with the right remote worker security policy, distributed teams can be just as secure as in-house teams.

Toptal Freelance Software Engineer and full-time remote worker Amin Shah Gilani walks us through common security attack methods, cyber defense strategies, and, finally, an example of a good remote worker security policy.

How does one secure a vast, distributed network of tech talent? There are three ways of doing this: the right way, the wrong way, and the Toptal way. Today, we will be discussing the latter, and unveiling our plans for a comprehensive overhaul of our onboarding and authentication procedures.

In this post, Toptal Technical Editor Nermin Hajdarbegovic will help you get acquainted with our brand new processes. Since all Toptalers will be required to use our new security platform, we encourage you to comment and contribute to our efforts.

For all too many companies, it’s not until after a breach has occurred that security becomes a priority. An effective approach to IT security must, by definition, be proactive and defensive. This article focuses on avoiding 10 common and significant web-related IT security pitfalls.

A potentially critical problem, nicknamed “Heartbleed”, has surfaced in the widely-used OpenSSL cryptographic library. The vulnerability is particularly dangerous in that potentially critical data can be leaked and the attack leaves no trace.

As a user, chances are that sites you frequent regularly are affected and your data may have been compromised. As a developer or sys admin, sites or servers you’re responsible for are likely to have been affected.

Here are the key facts you need to know about this dangerous bug and how to mitigate your vulnerability.

In 2007, Bennett Haselton revealed a minor hack with major implications: querying ranges of numbers on Google would return pages of sensitive information, including Credit Card numbers, Social Security numbers, and more. While Haselton’s hack was addressed and patched, I was able to tweak his original technique to bypass Google’s filter and return the same old dangerous results.