Security doesn't have to live in applications directly, often the best defenses come from how application architecture is designed. In this post, we highlight the API gateway as an architecture layer that creates defense in depth and helps to mitigate application security failures.

JumpWire has released an open-source Community Edition, free for anyone to use. It supports popular features such as database access via SSO, application-level field encryption, and group access privileges.

JumpWire will be participating in fintech_devcon 2023, this year as a sponsor! Last year's event was a highlight, and this year we will run a workshop on security for developers.

The benefits of field-level encryption is often misunderstood, as many developers don't fully understand its benefit to application security. In this post, we outline why this technique is critical to building systems that are impervious to data leaks.

In part two of our series on securing serverless, we show how to protect data that needs to be used by a backend, either in queries or application business logic. These are scenarios where decrypting the data before processing is too much overhead, and limits the ability to use the database engine for computation.

Security is often viewed as a "cost" of doing business, but what happens when a new customer deal gets blocked due to data sharing concerns? This post outlines how to extend your security controls to cover your customer's objections.

Cole Grolmus interviews Ryan Cooke about data security, JumpWire, and asks the hard question... why encrypt?

Serverless databases are having a moment, as developers ditch managing infrastructure but don't want to give up SQL. But does adopting an internet-facing database mean our applications are inherently less secure?

An technical dive into the biggest supply chain hack of all time, illustrating how attackers infected a popular monitoring tool with a backdoor without anyone noticing.

Running a security CTF event takes a lot of work. This explanation of how we planned and hosted our CTF at Shmoocon 2023 dives into the details behind our infrastructure, as well as what happened during the live event.

JumpWire is launching an HTTP proxy as a beta release, the most significant upgrade their data security platform to date. Fully compatible with the database proxy, this feature can transform any application into a secure data vault.

This post describes how to use Svelte as a standalone app, outside of the full-fledged app framework SvelteKit. The framework brings a lot of benefits, such as routing and SSR, but often a setup using a lightweight server backend such as node is better for simple projects.

JumpWire will be participating in ShmooCon as a sponsor! This has been our personal favorite hacker conference in the past, and we look forward to seeing everyone at our booth.

JumpWire moved Clusters to general availability for all customers, to enable multi-node deployment options, policy testing and promotion, and a preview of an upcoming feature.

Svelte's reactive component properties beautifully combine with LiveView's web socket assignments and state management, to create web applications that are reactive from the database to the browser unlike any other.

This post outlines how encryption is used as a data security measure, and examines "server-side encryption" in Amazon Web Services to highlight how it fails to implement those safeguards.

A deep dive on how pooled connections work in the Elixir DBConnection library.

JumpWire is pleased to announce the availability of our free self-service tier, for teams to try the platform in a dev environment or to run in small production setups with a single database or API.

A discussion of early company building that lays out a framework for investing in security that is not reactive to customer inquiries, audits or incidents.

An in-depth analysis of a 2019 data breach affecting 100+ million customers of the U.S. bank Capital One, specifically how it exposed complicated risks inherent in cloud security.

How to utilize delta conflict-free replicated data types for managing distributed cache or configuration state on an Elixir cluster.

This post describes how to leverage rich, dynamic path-based navigation using SvelteKit to manage state in Svelte Components, building on the routing capabilities and Svelte stores that SvelteKit provides to represent path and navigation state.