A software development and consulting firm with a simple goal: to positively influence the adoption and use of secure technology.

Recent Posts

  • How to hide Nginx web server version in responses

    Asking for a web server’s version

    There are many ways in which an attacker can find a vulnerability in a website. One of them is by knowing the version of the web server that the site uses and then looking up known vulnerabilities for that version. How can they find out the version? It’s surprisingly easy, actually. They just need to ask.

  • Converting a Java application from synchronous to asynchronous using CompletableFuture

    Synchronous and asynchronous applications

    In a synchronous application, each line of code is dependent upon the complete execution of any lines above it. In a small program with in-memory data structures and low-resource operations, the effects of this are negligible; run time can feel almost instantaneous. When external dependencies or compute intensive operations are introduced, this can change the behavior of the application because now many lines of code may be waiting for work above them to complete. This is where asynchronous programming can help improve an application’s performance.

  • How to accidentally spend $600/month using AWS Cloudformation and Cloudfront


    I’m sure that there are many ways to accidentally spend more than intended using any cloud provider. Here I’ll explain how to easily do this using AWS’s Cloudformation and Cloudfront.

  • Get a public URL for local websites with ngrok

    Purpose of ngrok

    Sometimes, you don’t know what you don’t know, which is probably the worst type of unknown. For me, until recently ngrok was one of those things. But before going any further, I should explain what ngrok is. ngrok is a simple-to-use utility that allows you to get a public URL that you can use to expose a service running locally. By locally, I typically mean something bound to localhost.

  • DynamoDB made easier with PynamoDB

    Using the AWS SDK with DynamoDB

    The AWS SDK for Python is well written, well documented, and makes it relatively easy to work with AWS services. Normally, I enjoy working with the library because it makes coding easier but the DynamoDB portion of the SDK feels verbose and unintuitive. As a result, I was looking for something easier to use and found PynamoDB on Github.

subscribe via RSS