Snyk Security Review

snyk logo

We recently integrated Snyk into Qvault as a way to get more visibility into known vulnerabilities in Qvault’s codebase. Snyk has already patched a critical vulnerability in lodash for us. This allowed us to continue releasing new versions before the official fix for lodash was published a few days ago. We can’t speak to whether …

Read more

Secure Random Numbers in Node JS

http://thehobbyts.com/fun-dice-games-ultimate-list/

Randomness is a hard problem for computers. Most functions that generate randomness are not considered cryptographically secure. What this means is that it’s possible for attackers to take a good guess at what number a non-secure randomness generator generated. In the case of guessing a randomly generated private key, for example, this can be catastrophic. …

Read more