In traditional applications, the web application talks directly to the database. It has rights to do anything, relying on application rules to control access. If an attacker compromises it, then they can do anything, e.g. grab all the data or create a funds transfer transaction.
When security is critical …
Categories
Tags
- abuse
- android
- ansible
- architecture
- asdf
- aws
- cdn
- cloud
- codedeploy
- configuration
- cryptocurrencies
- db migrations
- deployment
- design
- development
- devops
- dns
- elixir
- embedded
- entrepreneurs
- erlang
- ets
- failure
- functional programming
- go
- golang
- graphical design
- graphql
- ios
- iptables
- kerl
- know your customer
- kyc
- languages
- linux
- lisp
- logging
- migrating
- migration
- mobile
- mvp
- nerves
- nginx
- optimization
- packer
- paypal
- performance
- personas
- phoenix
- plug
- presentations
- pricing
- process
- programming
- python
- rate limiting
- requirements
- ruby
- saas
- security
- startups
- static assets
- systemd
- terraform
- testing
- user experience
- user stories