author Jake Morrison

The security principle of "least privilege" means that apps should only have the permissions that they need to do their job, nothing more. If an attacker compromises your app, then they can't do anything outside of what the app would normally do. They may be able to break the application …

author Jake Morrison

Applications like health care and financial services require high security and data privacy. When security is critical, there are benefits to separating the web front end from the back end using a well defined API.

In traditional applications, the web application talks directly to the database. If an attacker compromises …