Paragon Initiative Enterprises Blog

The latest information from the team that develops cryptographically secure PHP software.

Scott Arciszewski - Blogroll

Chief Development Officer

With 15 years of software development, application security, and system administration experience, Scott aspires to help others attain a happier work-life balance by solving difficult problems and automating trivial tasks. He is mostly known in the community for his open source software security research and strong progressive positions on providing tools and frameworks that are secure by default. @CiPHPerCoder


Preventing Timing Attacks on String Comparison with a Double HMAC Strategy

Preventing side-channel attacks (i.e. timing attacks on MAC validation) and dangerous compiler optimizations with a blinded comparison.


Coming to WordPress 4.4: CSPRNG

In version 4.4 and on, WordPress's random number generator function (wp_rand) will now be cryptographically secure.


How to Safely Implement Cryptography Features in Any Application

No matter what language you're developing in, there's really only one cryptography library that shines above the rest.


A Gentle Introduction to Application Security

We aren't satisfied with the industry's current attempts to teach the basic concepts of application security to software developers; instead, we propose a gentler model.


Need Technology Consultants?

Will tomorrow bring costly and embarrassing data breaches? Or will it bring growth, success, and peace of mind?

Our team of technology consultants have extensive knowledge and experience with application security and web/application development.

We specialize in cryptography and secure PHP development.

Let's Work Together Towards Success

Our Security Newsletters

Want the latest from Paragon Initiative Enterprises delivered straight to your inbox? We have two newsletters to choose from.

The first mails quarterly and often showcases our behind-the-scenes projects.

The other is unscheduled and gives you a direct feed into the findings of our open source security research initiatives.

Quarterly Newsletter   Security Announcements