infosec

We are so excited to sponsor this year’s Gartner Application Innovation & Business Solutions Summit May 14 - 16 in Las Vegas! We will be in booth #419 right outside Theater 1 ready to give Pangea demos, discuss the latest security trends, and meet w...

So you’ve decided to throw away those .env files with all your app secrets and move to a more secure option. Well first off, congratulations 🎉, you’re on your way to evading cyber attacks involving exposed secrets! Vault Considerations 🧐 While choo...

When I say “secure authentication,” what comes to mind? You probably think of SSL, password policies, and MFA. Those are a good starting point but what if we could look into the authentication request itself? What if we could use that request context...

✍ This article was written by author Ian Forrest In a previous post, I wrote about audit logs and the compliance frameworks which rely on them. What I didn’t cover is what you need to include in your audit logs to make them useful. After many years...

✍ This article was written by author Ian Forrest There are many reasons to log events — for performance tracing, to understand user behavior, or for “just in case” scenarios where something goes wrong… or it could be for compliance. In my previous ...