Simplifying Application Development Security Security is an integral and often challenging component in application development. Developers focus on the functionality of the frontend and backend, but they may be unaware of potential security design flaws in their implementations and APIs. OAuth and OpenID Connect (OIDC) provide a standardized security framework for protecting applications. Authlete is The post Making OAuth and OIDC Accessible to Developers appeared first on Software Engineering Daily.
11 April 2024
Authlete and Making OAuth Accessible with Justin Richer
OAuth is an open standard for access delegation. It lets users grant websites or applications access to their information on other websites, but without giving away passwords. OpenID Connect is an identity layer on top of OAuth. Even if you haven’t programmed using OAuth and OpenID Connect, you’ve certainly used them for authentication on Google, The post Authlete and Making OAuth Accessible with Justin Richer appeared first on Software Engineering Daily.
60 min
13 March 2024
Biometric Authentication with Vincent Delitz
Corbado is an authentication platform that provides APIs for developers to replace passwords with passkeys such as Face ID or Touch ID. Vincent Delitz is a Co-Founder at Corbado and he joins the show to talk about the platform, the changing authentication landscape, the challenge of session management with passkeys, and more. Gregor Vand is The post Biometric Authentication with Vincent Delitz appeared first on Software Engineering Daily.
41 min
14 February 2024
SimpleWebAuthn with Matthew Miller
SimpleWebAuthn is an open source TypeScript-centric pair of libraries – frontend and backend – that make it easier for devs to implement WebAuthn on the web. Matthew Miller started the project in 2019 and it has grown in tandem with the popularization of WebAuthn. He joins the podcast today to talk about the history of The post SimpleWebAuthn with Matthew Miller appeared first on Software Engineering Daily.
64 min
17 January 2024
OpsHelm with Kyle McCullough
Security issues can often be traced back to small misconfigurations in a database or cloud service, or an innocent code commit. OpsHelm is a security platform that’s oriented around identifying and fixing these issues. Kyle McCullough is the Co-Founder and CTO of OpsHelm and he has deep experience in backend and data engineering. He joins The post OpsHelm with Kyle McCullough appeared first on Software Engineering Daily.
35 min
3 January 2024
Apiiro Security Posture Management with Yonatan Eldar
Software supply chain security is a major challenge in the modern engineering environment. Many teams are working to establish best practices to proactively identify, fix, and prevent risks in their applications. Apiiro is a platform designed to solve this problem and gives risk visibility, prioritization, and remediation. Yonatan Eldar is the Co-Founder and CTO at The post Apiiro Security Posture Management with Yonatan Eldar appeared first on Software Engineering Daily.
42 min
21 December 2023
Blocking Ransomware Attacks with Anthony Cusimano
Ransomware attacks involve the deployment of malware that blocks access to a user’s or organization’s computer files by encrypting them. The attackers then demand a ransom payment in exchange for the decryption key that will restore access to the files. These attacks are often directed at governments and corporations, and can be costly. Veeam is The post Blocking Ransomware Attacks with Anthony Cusimano appeared first on Software Engineering Daily.
47 min
6 December 2023
Software Supply Chain Security with Michael Lieberman
One of the most famous software exploits in recent years was the SolarWinds attack in 2020. In this attack, Russian hackers inserted malicious code into the SolarWinds Orion system, allowing them to infiltrate the systems of numerous corporations and government agencies, including the U.S. executive branch, military, and intelligence services. This was an example of The post Software Supply Chain Security with Michael Lieberman appeared first on Software Engineering Daily.
43 min
3 December 2023
KubeCon Special: Sigstore with Santiago Torres-Arias
This episode of Software Engineering Daily is part of our on-site coverage of KubeCon 2023, which took place from November 6th through 9th in Chicago. In today’s interview, host Jordi Mon Companys speaks with Santiago Torres-Arias who is a contributor to Sigstore, which is a system to register software supply chain actors using federated identity The post KubeCon Special: Sigstore with Santiago Torres-Arias appeared first on Software Engineering Daily.
42 min
11 October 2023
The Future of HTTP with Nick Shadrin and Roman Arutyunyan
The Hypertext Transfer Protocol, or HTTP, is used to load webpages using hypertext links, and it’s the foundation of the web. Tim Berners-Lee famously created HTTP version 0.9 in 1989, and defined the essential behavior of a client and a server. Version 1.0 was eventually finalized in 1996, and its secure variant called HTTPS is The post The Future of HTTP with Nick Shadrin and Roman Arutyunyan appeared first on Software Engineering Daily.
