Development and Security

Jemurai is a security company with deep experience in both application development and security.

Fractional CISO

We help you build a security program.

JASP: Cloud Security Automation

Use our platform to continuously check the security of your systems.


We teach leaders and developers about security in fun, hands on and language relevant training with online reinforcement.

Penetration Testing

We break apps to make them stronger.

Latest Jemurai Blog Posts

It’s a Trap! Avoiding the Security Budget Trap.

Posted By

It’s a trap.  You know it’s a trap.  But you don’t know how to avoid the trap. It is budget season.  You need to start defining your budget for 2019.  There are two main ways I’ve seen this play out. Wants You take a look at your program, think about a couple of tools you […]

Aug 28,2018No Comments

CSRF Tokens with Restful API’s

Posted By

Our team was recently working on a test where we noticed that the application, which was a Single Page App (SPA) in front of a RESTful API was using session cookies but did not have Cross Site Request Forgery (CSRF) tokens.  When we discussed the issue with the development team, they indicated that in all […]

Aug 27,2018No Comments

JASP 1.1

Posted By

In case you haven’t seen it, we’ve made some awesome progress in our JASP tool: We added more advanced scoring and a “The One Thing™” screen which captures the one thing you should go fix. With 1.1 we’re adding Reporting capabilities, including slice and dice by AWS service, date introduced, etc. Updated product web site:  […]

Aug 22,2018No Comments