Here at SendSafely we’ve been using ReCaptcha for a while now to protect unauthenticated portions of our website that may be susceptible to abuse by bots (the most notable of which is our Personal URL


Tags: Engineering

Here at SendSafely, we’ve advocated the use of Content Security Policy and have been running a fairly strict CSP in block mode for over a year now. With the release of Google Chrome version 40 this...


Tags: Engineering

Last month we started rolling out some subtle changes to SendSafely that many users may not have noticed. For starters, we are now taking advantage of some new SSL features that Amazon announced back...


Tags: Engineering

Are you a software engineering student interested in security and privacy? Are you passionate about writing secure code and working with cutting edge technologies? Do you have a strong interest in...


Tags: Engineering

Security Assertion Markup Language (SAML) is a popular XML-based open standard for exchanging authentication and authorization data between two systems.  In the world of enterprise cloud...


Tags: Engineering

If you’ve read our previous posts on Content Security Policy, you know that we spent a good amount of time getting our site to work using a fairly strict CSP.  Something we recently discussed in our ...


Tags: Engineering

November 25, 2013

Slides from OWASP AppSec USA

In case you missed the presentation by SendSafely’s Brian Holyfield and Erik Larsson at OWASP AppSec USA, we’ve posted a copy of the deck in our GitHub repository.  Brian and Erik discussed some of...


Tags: Engineering

November 13, 2013

AppSec USA 2013 in NYC!

Next week SendSafely will be at the 2013 OWASP AppSec USA conference, right here in New York City.  If you are interested in attending and not already registered for the conference you can do so on...


Tags: Engineering

If you’ve ever used Amazon EC2 to run Linux, you probably know that the AWS console prompts you to choose an SSH key-pair when spawning a new Linux instance.  Public/private key pairs allow you to...


Tags: Engineering

On SendSafely.com we make heavy use of many new JavaScript APIs introduced with HTML5. We encrypt files, calculate checksums and upload data using pure JavaScript.  Moving logic like this down to the...


Tags: Engineering