Enhancing Data Management and Security in Xano and UploadCare
In this technical meeting, the State Changers discussed methods to dynamically update a hard-coded timestamp annually for a client project. They explored the option of storing the year in a field in the table, enabling a more efficient equality query instead of an inequality query.
Later, they delved into the limitations of the file storage system in Xano, highlighting that all files in Xano are publicly accessible and cannot be deleted or renamed programmatically. They recommended using UploadCare, a more secure file management system.
Apart from this, they also discussed the security implications of distributing snippets in Xano, which typically include an API endpoint, thus warranting careful usage.
They also touched on the topic of penetration testing as a part of cybersecurity, recommending contacting a trusted professional who previously worked for the Fort Meade team for conducting the test. Additionally, they also recommended "Try Hack Me," a cybersecurity educational resource for those seeking to gain a firsthand understanding of online security.
The meeting concluded with a plan to connect a State Changer with a cybersecurity professional for potential penetration testing of a product due to launch within a month.