ReDoS - the security threat that no-one knows about. At least that how it seems, every time I talk to developers about ReDoS and get blank looks. Or when the results of a code audit highlight a bunch of evil regular expressions. We need to talk about ReDoS. In this post, I’ll explain what ReDoS actually is, and what developers can do about it. What is ReDoS? So, what is a ReDoS attack?