Open in app

Sign in

Write

Sign in

Vladimir Radchenko
Vladimir Radchenko

4 Followers

Home

About

Apr 22

GitHub Copilot security concerns

Github Copilot and other AI pair tools have the ability to generate code in a variety of programming languages. These ML and NLP based solutions became very popular in less than a year. Nowadays, it’s not just assistant. Copilot-like tools are used in many scenarios: Code autocompletion: AI-powered code editors…

Github Copilot

4 min read

GitHub Copilot security concerns
GitHub Copilot security concerns
Github Copilot

4 min read


Jan 24

Sensitive variables in code for local environment

The problem There is a common bad practice of storing sensitive variables in code. Quite often it leads to secret leakage. By secrets I mean — API tokens, SSH keys, private keys and others. Some careless developers hardcore them and push it into common repository. In result the secret can be…

Appsec

5 min read

Sensitive variables in code for local environment
Sensitive variables in code for local environment
Appsec

5 min read


Jan 9

Web service security — common requirements

Sometimes we need to develop security requirements for some abstract web application. Yeah, unfortunately, we don’t always know the whole feature request list in advance. Web designers prefer to work according to a waterfall model, but it may not always be possible. A technically skilled client is a rare case…

Web Security

4 min read

Web Application Security — common requirements
Web Application Security — common requirements
Web Security

4 min read


May 16, 2022

MITRE ATT&CK framework and MSSP

The MITRE ATT&CK framework is a very convenient way to cover all possible threats. This knowledge base splits all attack vectors into two levels — adversary tactics and techniques. At the beginning, it could overwhelm you by many terms and details. ATT&CK Matrix is very formal. So, a direct mitigation…

Mitre

4 min read

MITRE ATT&CK framework and MSSP
MITRE ATT&CK framework and MSSP
Mitre

4 min read


Jan 1, 2021

The basics of fraud protection in ecommerce

Spoiler — this will be non technical, business-oriented content. Fraud is the sore spot for ecommerce. This cannot be eradicated completely and sometimes business just has to admit these losses. At the same time, a cost-effective anti-fraud solution is being sought. Companies evaluate the efficiency of different products and decide…

Fraud Prevention

5 min read

The basics of fraud protection in ecommerce
The basics of fraud protection in ecommerce
Fraud Prevention

5 min read


Dec 26, 2020

DoS / DDoS protection in ecommerce and fintech

Intro There are dozens of resources on the Internet which cover protection against denial-of-service attacks. I don’t want to repeat them again and give the definition. This attack type has been known for decades. No sense to retalk old commonly known stuff. So, is it really necessary to create another one…

Ddos Attack

5 min read

DoS / DDoS protection in ecommerce and fintech
DoS / DDoS protection in ecommerce and fintech
Ddos Attack

5 min read


Jul 29, 2020

Stripe Radar Rules: 5 Practical Tips

If you have a one simple ecommerce website with a limited set of goods, then it could be meaningless to worry about Radar rules adjustment. Default ML engine works quite well. But in many other cases you need to pay attention to some common fraud cases and ways to mitigate…

Fraud

6 min read

Top 5 actions around Stripe Radar
Top 5 actions around Stripe Radar
Fraud

6 min read

Vladimir Radchenko

Vladimir Radchenko

4 Followers

https://www.linkedin.com/in/radchenkovladimir/

Help

Status

About

Careers

Blog

Privacy

Terms

Text to speech

Teams