Author: Katie Foley

Software Security: SQL Injection

Over 160 million credit card numbers compromised, $300 million stolen, and immeasurable suffering for the identity theft victims. The 2014 super hack should have never happened. The thieves utilized SQL Injection, a security threat that has been listed on OWASP’s Top Ten list for years. So why aren’t developers taking the proper preventative steps? As I said in my last blog kicking off this security series, it is more cost effective to build a website with security measures in place than to go back and fix a site. Also, it is much more cost efficient to build a secure...

Software Security: What are the Costs

Software is constantly changing and evolving. So why has the Open Web Application Security Project (OWASP) Top 10 List stayed basically the same for the past ten years? Developers are constantly coming up with new ideas and ways to do things. These security concerns are not difficult to solve, and developers know they are happening, so I would posit that the problem lies in hiring sub-par developers. Let me step back for a moment. This is the first in a series of security-related blogs I will be writing with the input of technologists from Amadeus Consulting. Security is...

Continuous Integration: The Production Protector

Developers can get tunnel vision. I am not saying this to judge; we can all get tunnel vision sometimes. I know for myself, when I get assigned a project, I get focused on that specific project. This can have a detrimental impact on any development project. Every project has a timeline with certain features and corresponding deployment dates laid out. If specific developers are assigned to individual features, they may get so focused on their designated feature that they forget the potential impact it has on the entire project and timeline. Enter continuous integration. Or the “production protector”, as defined by...

SignalR for Actual Instant Messaging Pt 2

As I stated in my last blog, SignalR does not work for every application. As Dan Hill, one of the technologists at Amadeus Consulting, stated, “Lawnmowers are great, but we would never drive to work on them.” If it isn’t a magic tool that does it all, why am I so excited about SignalR? Because the web is all about interaction. Whether it is for personal or professional use, people interact with each other in a meaningful fashion. SignalR now gives us the ability to have these interactions in real time, and there are some great examples of how...

SignalR for Actual Instant Messaging Pt 1

I use some type of instant messenger on a daily basis. Whether it is interoffice communications or talking with friends, IM can be an easy way to touch base. If you are like me in this respect, and I’m sure most of you are, you have probably experienced the “this is the most confusing conversation ever and it would be easier to just call the person” experience. You know what I’m talking about. It’s when you are typing a response to someone while the person that you’re talking to is typing. You both hit send at the same time....

