Category Archives for "Out of Band Verification"

Article: Don’t fall into the MVP trap!

In August, Software Magazine published Tozny CEO Isaac Potoczny-Jones’ article on building security into the software development lifecycle. His key point is that the market demands of software development encourage leaving security to the end user for a variety of reasons:

  • Many companies want to validate a market before investing in product security, so the “minimum viable product” (MVP) approach might leave it out.
  • The risk of getting attacked is lower at the beginning of a product’s lifecycle, …

Man in the Browser: Attack and Defense

A successful man in the browser attack is devastating: The attacker gets full control over your account and you have no idea it is happening. In this post, we discuss the attack, its impact, and why typical mitigations fall short. Finally, we toot our own horn a bit and show how Tozny addresses the threat.