8 posts tagged with "security"

The rapid pace of software development and the need to continuously deliver new features to stay competitive in today's market has introduced a unique set of challenges, one of which is security. With more and more software applications coming to play a pivotal role in user's daily lives, ensuring the security of these applications is paramount.

Security has become increasingly important for businesses and organizations of all sizes, especially in today's ever-evolving landscape, where cyber threats constantly loom around the corners like shadowy specters. As software systems become increasingly complex and cyberattacks become more prevalent, organizations need effective strategies and tools to bolster their security posture.

The question arising then is: How can they strike a harmonious balance between ensuring the security of their applications and meeting the relentless demand for innovation? One such tool that has gained prominence is feature flagging, and in this blog post, we'll examine how we can utilize it to enhance security while following best practices.

Government agencies, with their strict security requirements, often face difficulties in fully embracing DevSecOps practices. Balancing the need for rapid feature releases with robust security measures poses a challenge. Feature flags offer a promising solution in this context. By seamlessly integrating into DevOps and DevSecOps pipelines, they can empower government agencies to effectively manage feature releases while maintaining high levels of security.

Adding new features to existing applications used to mean that code pushed into production automatically updated the entire app. This raises security risks to the existing application, because a single bug could have catastrophic consequences. This risk can be reduced by implementing a secure feature management architecture that allows code updates with increased flexibility and the power to easily switch between versions.

Choosing the right SaaS (Software as a Service) provider is a crucial decision for any organization. When evaluating potential vendors, it's essential to have a clear understanding of their security measures, service level agreements, and other factors that may impact your business.

Here are some key questions to help guide your evaluation process.

ConfigCat is proud to offer a robust, comprehensive feature flag service for software engineers to utilize safe trunk based development.

Companies must use the most up-to-date standards when developing their unique Information Security Management System (ISMS), as information security becomes significantly more difficult to protect the more an organization grows.

ConfigCat is NOT affected​

A remote code execution flaw was recently discovered in log4j. The vulnerability is fixed in log4j 2.15.0.

Nowadays, almost each and every business uses some sort of web application, so cyberattacks are becoming a daily struggle for huge enterprises as well as for small businesses. It’s not enough for programmers to build an application that looks great and works smoothly. Many consumers are getting aware of the need for security in the applications they are using.

As ConfigCat is a Software as a Service business with applications running in the cloud, we take security as seriously as reliability. Here are the security measures we take to ensure that we deliver a secure application.

What is 2FA?​

2FA is a way of granting access to users only after presenting two separate pieces of evidence (factors). One of these factors is usually a password which the user should know and the other factor something they have or even something they are. This way you can be sure that only knowing your password won't be enough for an attacker to gain access to your account.

How does 2FA work in ConfigCat?​

In our case the first factor is password you use to login to ConfigCat Dashboard. The second factor is a 6-digit number generated via an Authenticator App.