Expedited Security
Status
Services ▼
Expedited WAF
Expedited SSL
IP Investigator
Real Email
Resources ▼
Knowledge Base
AWS In Plain English
API Security Best Practices MegaGuide
SAAS Security Blog
Heroku Security Resources
Use Cases ▼
DDoS Protection
Bot & Malicious Traffic Blocking
Fraud Detection & Prevention
Credential Stuffing Protection
Compliance (GDPR/PCI/SOC2)
OWASP Top 10 Compliance
AI Scraping Prevention
Geographic Request Blocking
Virtual Patching
About
Contact
Status
Services
→ Expedited WAF
→ Expedited SSL
→ IP Investigator
→ Real Email
Resources
→ Knowledge Base
→ AWS In Plain English
→ Blog
→ Heroku Security Resources
Use Cases
→ DDoS Protection
→ Bot & Malicious Traffic Blocking
→ Fraud Detection & Prevention
→ Credential Stuffing Protection
→ Compliance
→ OWASP Top 10 Compliance
→ AI Scraping Prevention
→ Geographic Request Blocking
→ Virtual Patching
About
Contact
SAAS Security Blog
News and resources for development, web application security and cryptography.
Fortifying Your Digital Storefront: Essential Bot Mitigation Strategies for E-commerce
April 03, 2026
So you're making an RSA key for an HTTPS certificate. What key size do you use?
January 13, 2026
What web developers should know about HTTPS but probably don't.
January 13, 2026
What Is Certificate Pinning?
January 09, 2026
How To Setup Your Development Environment for Ruby on Rails in 2026
January 08, 2026
Ultimate Guide to Rack::Attack
January 08, 2026
Product Development for Non Us Markets
January 29, 2020
Single Multi Domain Https Certificates Are the Same Thing
January 29, 2020
'You can't use Brotli for dynamic content'
January 24, 2020
5700 upvotes later: be careful about crypto advice from Reddit.
January 24, 2020
Break the web.
January 24, 2020
CERT COMMON NAME INVALID doesn't mean what you think it does
January 24, 2020
ES2017's async/await is the best thing to ever happen to JavaScript
January 24, 2020
HAProxy for Modern Load Balancing
January 24, 2020
How to diagnose and troubleshoot JavaScript async/await issues
January 24, 2020
How to flatten an existing JavaScript codebase
January 24, 2020
HTTPS provides more than just privacy
January 24, 2020
It's happened: current Chrome is warning users about insecure pages
January 24, 2020
Modern nginx Configuration for HTTP/2 Load Balancing
January 24, 2020
Onion TLS/SSL certificate updates
January 24, 2020
Practical Prevention of Web Shenanigans With Content Security Policy
January 24, 2020
Safe ECC curves for HTTPS are coming sooner than you think
January 24, 2020
SSL 'site seals' are even worse than you thought
January 24, 2020
Strange things are afoot with Symantec's search results injection
January 24, 2020
The ultimate guide to deploying your node app on Linux
January 24, 2020
Unix things web developers often struggle with - and how to fix them
January 24, 2020
We recreated the Unix Rosetta Stone
January 24, 2020
Why can't I get a wildcard EV certificate?
January 24, 2020
Why people who know better still say 'SSL'. And 'hoverboard'.
January 24, 2020
Why there's junk in your whois results, and how you can get rid of it
January 24, 2020
Why you're always at least two steps down your HTTPS certificate chain
January 24, 2020
Wireshark is the simplest way to inspect HTTPS on your Mac
January 24, 2020
You won't remember the options for OpenSSL, so here's bash shortcuts for everything.
January 24, 2020
Your OpenSSL CSR command is out of date
January 24, 2020