Category: DZone Security Zone

The emergence of AI agents has created a “security ticking time bomb.” Unlike earlier models that primarily generated content, these agents interact directly with user environments, giving them freedom to act. This creates a large and dynamic attack surface, making…

Read more →

As artificial intelligence advances at rates never previously encountered, its impact upon society is taking hold ever more profoundly and extensively. From autonomous vehicles and personalized medicine to generative media and intelligent infrastructure, AI is changing every area it touches.…

Read more →

In 2025, software development is evolving rapidly with the rise of Vibe Coding and Agentic AI, but so is the cryptographic landscape that underpins these systems. As quantum computing moves closer to practical applicability and encryption standards become outdated, one…

Read more →

Secrets management in AWS has traditionally relied on long-lived secrets stored in Secrets Manager or Parameter Store. But as attack surfaces grow and threat actors become faster at exploiting exposed credentials, even rotated secrets begin to look like liabilities. The…

Read more →

Managing public key infrastructure (PKI) is challenging, especially in dynamic, cloud-native environments. In the “good old days,” you could create a virtual machine, place a certificate on it, and forget about it for a couple of years (or at least…

Read more →

In this third article of the AI infrastructure series, you will learn about AI infrastructure compute, storage, observability, performance, optimization (deep dive), and security. This is the final part in my three-part AI infrastructure series. It’s recommended to read the…

Read more →

Artificial intelligence is no longer such a far-fetched example of technology in software development; it is already a strong catalyst for change in software development. Machine learning requires less time, offers more intelligent decision-making, and streamlines repetitive tasks by using…

Read more →

In most organizations, security and compliance are enforced twice — once during build-time checks and again at runtime through admission controllers and monitoring systems. Often, the policies written at build-time are not reused at runtime, leading to drift, redundancy, and…

Read more →

Overview HTTPS is the most common mechanism used to protect client-server communication on the internet. Most teams focus on SSL/TLS and server-side hardening — and for good reason — but security is layered: the system is only as strong as…

Read more →

About Supply Chain Supply chain means that the entire system is involved, from the producer to the customer. This process involves producing and delivering a product or service to the customer. It includes all the methods, systems, organizations, people, activities,…

Read more →

Many SaaS teams pay more attention to encryption, firewalls, and compliance checks. They often overlook an essential asset: documentation.  Documentations may not be as exciting as a new firewall or security tool. However, unclear, outdated, or incomplete setup guides, API…

Read more →

“Ownership” is one of the harder concepts to define in the modern enterprise.  This feels deceptive because, from a personal and human level, ownership is a rather straightforward concept. When you own something as a person, like your car or…

Read more →

Imagine this: You are a developer who has been tasked with solving a difficult problem that causes revenue loss by the minute. Your managers and leaders have pulled you from your current priorities and asked you to look at the…

Read more →

The Model Context Protocol (MCP), introduced in late 2024, is a significant move forward towards transforming the agentic AI revolution by providing a mechanism for them to connect with enterprise tools, APIs, and databases. The protocol presents a standardized way for large language models…

Read more →

Relevance of the Study Modern organizations are increasingly turning to cloud technologies to improve the flexibility, scalability, and efficiency of their IT infrastructure. One important tool in this process is Infrastructure as Code (IaC), which allows organizations to describe their…

Read more →

We all know that the internet works by sending and receiving small chunks of data called packets. Back in the early days, when the internet was still in its infancy, packets were allowed to transfer freely across a connected world,…

Read more →

Why Does It Matter? When we talk about a regulated workload, we talk about compliance. These compliances are industry standards that govern how data is processed, stored, and managed. That is why these workloads need to be clean and should…

Read more →

Data governance has historically been the least glamorous part of data engineering. Engineers thrive on building things, designing scalable pipelines, curating high-quality datasets, and enabling machine learning models that deliver real business impact due to business demands. Governance, on the…

Read more →

You’re a startup fresh out of your development-focused cycle, starting to gain traction and demo your product to potential clients. As someone working at a freshly minted Series A company, I understand the priority: get the product working. In our…

Read more →

Despite rapid advancements in test automation and the use of AI in software testing, manual testing is still a fundamental part of software Quality Assurance in 2025. Recent data from multiple industry reports confirm the ongoing value of manual testing…

Read more →