Here at SendSafely we’ve been using ReCaptcha for a while now to protect unauthenticated portions of our website that may be susceptible to abuse by bots (the most notable of which is our Personal URL

Here at SendSafely, we’ve advocated the use of Content Security Policy and have been running a fairly strict CSP in block mode for over a year now. With the release of Google Chrome version 40 this...

Last month we started rolling out some subtle changes to SendSafely that many users may not have noticed. For starters, we are now taking advantage of some new SSL features that Amazon announced back...

Are you a software engineering student interested in security and privacy? Are you passionate about writing secure code and working with cutting edge technologies? Do you have a strong interest in...

Security Assertion Markup Language (SAML) is a popular XML-based open standard for exchanging authentication and authorization data between two systems. In the world of enterprise cloud applications,...

If you’ve read our previous posts on Content Security Policy, you know that we spent a good amount of time getting our site to work using a fairly strict CSP.  Something we recently discussed in our ...

In case you missed the presentation by SendSafely’s Brian Holyfield and Erik Larsson at OWASP AppSec USA, we’ve posted a copy of the deck in our GitHub repository. Brian and Erik discussed some of...

Next week SendSafely will be at the 2013 OWASP AppSec USA conference, right here in New York City.  If you are interested in attending and not already registered for the conference you can do so on...

If you’ve ever used Amazon EC2 to run Linux, you probably know that the AWS console prompts you to choose an SSH key-pair when spawning a new Linux instance.  Public/private key pairs allow you to...

On SendSafely.com we make heavy use of many new JavaScript APIs introduced with HTML5. We encrypt files, calculate checksums and upload data using pure JavaScript. Moving logic like this down to the...