Audits help ensure software is free of vulnerabilities. Find out how we incorporate them into our overall security strategy.
We discuss our preference for YubiKey as a form of 2FA and look at how to use YubiKey for signature verification for GitHub code commits.
Learn how digital certificates work and why Shamir’s Secret Sharing is a secure method for storing private keys.
ExpressVPN's Security Team investigated a bug that could have been exploited by signing up on Mailgun and hijacking an email subdomain.
How a highly privileged process interacting with a lower-privilege user space can lead to attackers elevating their access or a DoS attack.
Our cybersecurity team worked with Zendesk, a support software provider, to fix a flaw in its file-upload system. Here's a play-by-play of how we did it.