Max Serrano

Featured in: figma.com

Articles

  • Jan 25, 2024 | figma.com | Griffin Choe | Hongyi Hu | Max Serrano | Carly Ayres

  • Dec 8, 2023 | figma.com | Hongyi Hu | Max Serrano

    Here's how the Figma security engineering team leveraged commit signatures and Okta Device Trust certificates to protect GitHub release branches. Release branches on GitHub are the source of truth for code deployed to production, which makes them a prime target for an attacker trying to compromise Figma. As Figma scales and more engineers ship code every day, the attack surface has only grown.

  • Oct 24, 2023 | figma.com | Hongyi Hu | Max Serrano

    Seccomp, short for secure computing mode, can restrict the system calls a program is allowed to make. As a quick refresher, unlike VMs, container isolation happens at the operating system (OS) layer and typically relies on the host’s OS features for security isolation, such as kernel features like namespaces, cgroups, or privilege dropping. While features like image processing and data parsing are core to applications like Figma, they introduce risks that security teams have to mitigate.

  • Oct 24, 2023 | figma.com | Hongyi Hu | Max Serrano

    A VM is a guest virtual computer that behaves like a real physical computer with its own memory, disk, and CPU. Seccomp can restrict the system calls a program is allowed to make. At Figma, rather than try to prevent security vulnerabilities entirely, we employ server-side sandboxing (also known as workload isolation) to minimize these security risks.

  • Oct 24, 2023 | figma.com | Hongyi Hu | Max Serrano

    Image processing, parsing, compression, and thumbnailing—creating a small thumbnail image of a large design file—are common image or data processing operations. Often, the libraries that perform these operations are written in memory-unsafe languages like C++. Many popular libraries have a history of memory corruption vulnerabilities. ImageTragick was a famous, critical security vulnerability in the commonly used ImageMagick library discovered in 2016.
