MacOS High Sierra Authentication Vulnerability

Earlier today, news broke about a potential vulnerability in MacOS High Sierra. Learn what’s broken and how to protect your own computer.

php[architect]: The Journey to PCI Compliance

In the November edition of the monthly Security Corner column, Eric Mann covers the PCI standard and how developers can stay compliant.

End-to-end data encryption: why HTTPS is not enough

Tozny CEO Isaac Potoczny-Jones published an article this month with SC Media covering end-to-end data encryption.

Tozny at php[world]

Eric Mann, from Tozny’s engineering team, will be presenting two talks at 2017’s php[world] conference in Washington, D.C the week of November 15th.

Tozny at SOFWERX

Our CEO, Isaac Potoczny-Jones, will be exhibiting at SOFWERX’s Cyber Capability Expo this October in Tampa, FL.

Equifax, Cryptography, and the Anatomy of a Data Breach

The recent Equifax hack reminds us just how vulnerable our information can be if the hands that hold it fail to properly secure that data.

Secure Data Sharing with InnoVault

When paired with the full e3db SDK on a secure server, InnoVault becomes both a data collection and secure data sharing platform.

Leveraging Encrypted Data with InnoVault

Learn how to read and summarize encrypted data with InnoVault in this tutorial covering both the InnoVault SDK and the e3db SDK for Ruby.

Secure Authentication with Libsodium

Learn how Tozny uses passwords, Libsodium, and elliptic curves to power secure authentication for InnoVault’s new Admin Console.

Making Browser Crypto Safe for the Modern Web

Tozny is committed to providing the best tools possible for you to safely integrate browser crypto tools like InnoVault with your own site.

Secure HTTPS Headers for JavaScript with Lambda@Edge

Delivering JavaScript securely is super important when you do crypto in the browser. Since the web version of our InnoVault product does browser-based key generation and encryption, it relies on secure JavaScript code delivery. With the help of the good folks at Amazon, Tozny has been running a pilot with Amazon Web Services’ (AWS) new Lambda@Edge capability to add secure HTTPS headers to the scripts we deliver on the CloudFront CDN. …

InnoVault Customer Profile – Jack

Over the next several weeks, we want to introduce you to some of the key customers of our new product, 

Jack is a senior backend engineer with a large enterprise software firm. He has a lot of experience working with secure systems and takes the time to guarantee data privacy is considered throughout the various steps of his long release cycle. He’s a frequent reader of various forums, …

InnoVault Customer Profile – Brian

Innovault makes encryption easy for developers. Read this example of how Brian, a mobile developer, using InnoVault for data security.

InnoVault Customer Profile – Sue

Innovault makes encryption easy for developers. Read this example of how Sue, a web developer, using InnoVault for data security.

Tozny Launches InnoVault – Encryption Toolkit For Developers

We are proud to announce the release of our latest product, InnoVault — a toolkit that enables developers building websites, apps, and other software to easily embed end-to-end encryption for data security and privacy. 2016 saw a 40% increase in data breaches over 2015, and the team here at Tozny decided we wanted to do something about it. InnoVault is our answer to protecting user data with the same type of robust measures already used for credit cards, …

Security for Small Business – Security Checklist

Over the past several weeks, we’ve covered four topics that comprise a useful “security checklist” any business, big or small, can follow to improve the security of their business.

Security for Small Business – Regulatory Compliance

Several of the rules and regulations vital to a secure business hide behind obscure acronyms. Learn what they are and why your business should care about regulatory compliance.

Security for Small Business – Critical Crypto

Cryptography is hard. It’s a deep field filled with intense mathematics and littered with traps that can easily snare the unwary. That being said, there are critical crypto tools that help set even small businesses apart and help to protect the long-term viability of their enterprise.

Security for Small Business – Application Integrity

Businesses of every size need to cope with the eventual loss or corruption of data or critical infrastructure. These are risks that impact the long-term viability of your business by threatening overall application integrity and business trust.

Security for Small Business – Secure Architecture

Ensuring that a modular architecture is also a secure architecture requires a development team to be principled and intentional throughout the engineering process. It is possible to leverage modular technologies and utilize tools like analytics engines and advertising without compromising user privacy.