Security Articles

Slack's enterprise search architecture prioritizes security and privacy when integrating external data sources like Google Drive and GitHub into Slack search.

Uncategorized

Squareup

11 min read

Security•2025-01-28

Kube-Policies: Guardrails for Apps Running in Kubernetes

This post describes how a Compute Security team built kube-policies, a custom Kubernetes admission controller on top of Open Policy Agent (OPA) to replace Pod Security Policies with adaptive security guardrails.

Enhanced Authorization with Square

This post covers Square's three key tools for enhancing payment authorization rates and reducing fraud.

Common annotated security keys

The article introduces Microsoft's Common Annotated Security Key (CASK) standard, an open format for minting identifiable security tokens that improve secret detection accuracy.

Engineering@Microsoft

1ES

ADO Azure DevOps GHAS

GitHub Advanced Security

Making Insights-Driven Decisions in an Ecosystem of Ecosystems

Block shares their data-driven cloud security platform and a GCP static credential elimination case study.

Advancing Our Amazing Bet on Asymmetric Cryptography

This Chromium Blog post discusses advances in asymmetric cryptography within the Chromium project.

Chromium

24 min read

Security•2024-04-02

Fighting cookie theft using device bound sessions

This post from the Chromium Blog introduces device bound sessions as a defense mechanism against cookie theft attacks.

Squareup

01 min read

Security•2024-03-27

Leveraging Linux Internals to Supercharge Osquery Malware Detection

This post describes a novel technique combining osquery, YARA, and the Linux /proc filesystem to detect fileless and in-memory malware on Linux systems.