Category: DZone Security Zone

Psychological safety isn’t about fluffy “niceness” — it is the foundation of agile teams that innovate, adapt, and deliver. When teams fearlessly debate ideas, admit mistakes, challenge norms, and find ways to make progress, they can outperform most competitors. Yet,…

Read more →

Threat modeling is often perceived as an intimidating exercise reserved for security experts. However, this perception is misleading. Threat modeling is designed to help envision a system or application from an attacker’s perspective. Developers can also adopt this approach to…

Read more →

Hey there! I’m Rocky, the face behind CodeLivly, where I share all things tech, code, and innovation. Today, I want to talk about something super important for anyone diving into the world of DevOps: networking. Networking might sound a bit…

Read more →

In the era of artificial intelligence, the use of large language models (LLMs) is increasing rapidly. These models offer amazing opportunities but also introduce new privacy and security challenges. One of the essential security measures to address these challenges involves…

Read more →

Companies are now turning to data as one of the most important assets in their businesses, and data engineers are in the midst of managing and improving this asset and its effectiveness. In addition, the integration of data engineering with…

Read more →

Amazon Aurora PostgreSQL-compatible edition major version 12.x and Amazon RDS for PostgreSQL 12 reach the end of standard support on February 28, 2025. Higher database versions introduce new features, enhancing operational efficiency and cost-effectiveness.  Identifying qualified databases and upgrading them…

Read more →

The improvement of artificial brainpower (artificial intelligence) has improved many fields, including digital protection. Notwithstanding, this mechanical improvement is a two-sided deal. While computerized reasoning brings many advantages, it also empowers cybercriminals to send off progressively complex and disastrous assaults. …

Read more →

It is not a coincidence that non-human identities (NHIs) have come into focus recently while AI-powered tools and autonomous agents are rapidly being adopted. In fact, this is partially what is driving the explosion of NHIs in the enterprise. This…

Read more →

Safeguarding critical infrastructure from ransomware has become a critical issue in today’s interconnected world. Regions, for instance, power clinical benefits and government face extending perils that could disturb supplies, impact fragile data, and cause essential financial and reputational hurt.  Ransomware…

Read more →

Artificial intelligence operates as a transformative force that transforms various industries, including healthcare, together with finance and all other sectors. AI systems achieve their highest performance through data that has been properly prepared for training purposes. AI success depends on…

Read more →

Defending against zero- to low-cost attacks generated by threat actors (TA) is becoming increasingly complex as they leverage sophisticated generative AI-enabled infrastructure. TAs try to use AI tools in their attack planning to make social engineering schemes, convincing phishing emails,…

Read more →

Google BigQuery, Google Cloud’s data warehouse, provides a comprehensive suite of tools to help you control who can access your valuable data and what they can do with it. This blog post dives into the essential principles and practical techniques…

Read more →

Introduction to Kata Containers Kata Containers is an open-source project designed to deliver a secure container runtime environment by utilizing the virtualization layer provided by the server instance. Unlike traditional containers, Kata containers run within lightweight virtual machines (VMs) created…

Read more →

Real-time data streaming is changing the way organizations handle information. Whether it’s IoT devices sending sensor updates, retail platforms tracking customer activity, or financial institutions monitoring transactions for fraud, processing data “as it happens” gives you a major edge. When…

Read more →

Every programming language comes with its own set of security vulnerabilities, and JavaScript is no exception. Exploiting JavaScript vulnerabilities can lead to data manipulation, session hijacking, unauthorized data access, and more. Although commonly associated with client-side functionality, JavaScript security risks…

Read more →

More businesses than ever rely on cloud computing technologies to deliver reliable services at scale. With this shift to cloud-native technologies, microservices, and abstraction, the battle for security has shifted with it. Cloud security is no longer about traditional firewall…

Read more →

On one side, U.S. laws expand data access in the name of national security. On the other hand, French SecNumCloud ensures digital independence for European businesses. Let’s break down the implications of these two models on cybersecurity, compliance, and the…

Read more →

Governance, Risk, and Compliance (GRC) certifications have become crucial for professionals keen on securing cybersecurity and risk management roles. These certifications validate one’s skills and expertise, opening the door to new career opportunities in a dynamically changing environment.  With the…

Read more →

Recently, the Open Worldwide Application Security Project (OWASP) updated its Top 10 Risks for Mobile Applications for the first time since 2016. The security risk at the top this time? “Improper credential usage.” This is a wake-up call to mobile…

Read more →

Today’s cloud environments use Kubernetes to orchestrate their containers. The Kubernetes system minimizes operational burdens associated with provisioning and scaling, yet it brings forth advanced security difficulties because of its complex nature. The adoption of Kubernetes by businesses leads organizations…

Read more →