Nobody cares about security. There. I said it. I said the thing everyone feels, some people think, but very few have the temerity to say out loud. But before you call me a blasphemous heathen, I will ask for just…
Category: DZone Security Zone
AI and Technical Debt: Balancing Innovation and Sustainability
As artificial intelligence (AI) continues to revolutionize the tech industry, developers, engineers, and architects face a new challenge: managing the technical debt that comes with rapid AI adoption. Jeff Hollan, Head of Apps and Developer Tools at Snowflake, shares invaluable…
Obfuscation vs Encryption: How To Protect Your .NET Code the Right Way
When working on .NET applications, one main concern is safeguarding your code from unauthorized access, intellectual property theft, and reverse engineering. This can be achieved by implementing data and code protection techniques to protect the application. There are two main…
Setting Up Secure Data Lakes for Starlight Financial: A Guide to AWS Implementation
Continuing our series of posts on the fictitious financial company Starlight, here is how to set up a data lake on AWS with security as the primary thought. Introduction: In the fast-moving financial industry, data is a core asset. Starlight Financial…
The Critical Role of Data at Rest Encryption in Cybersecurity
Securing information is crucial as cyber-attacks are getting more sophisticated. Data residing in an unprotected state at rest (databases, stored files, and backups) poses one of the most significant risks. Data at rest encryption is necessary to guarantee that information…
Designing a Secure Architecture for Distributed Systems
Securing distributed systems is a complex challenge due to the diversity and scale of components involved. With multiple services interacting across potentially unsecured networks, the risk of unauthorized access and data breaches increases significantly. This article explores a practical approach…
Modern Authentication on .NET: OpenID Connect, BFF, SPA
As web technologies continue to advance, so do the methods and protocols designed to secure them. The OAuth 2.0 and OpenID Connect protocols have significantly evolved in response to emerging security threats and the growing complexity of web applications. Traditional…
Uncovering a Prototype Pollution Regression in the Core Node.js Project
As a Node.js developer and security researcher, I recently stumbled upon an interesting security regression in the Node.js core project related to prototype pollution. This happened to be found while I was conducting independent security research for my Node.js…
Optimizing Data Management for AI Success: Industry Insights and Best Practices
As artificial intelligence (AI) continues transforming industries, organizations face increasing challenges in managing and utilizing data for AI initiatives. Recent industry surveys and expert insights highlight the critical role of effective data management in AI success. This article explores key…
8 Practices Software Engineers Should Adopt and Champion for Cybersecurity
The Importance of Cybersecurity: I firmly believe that in today’s cybersecurity expectations, software engineers should prioritize the security of their computer systems and internal IT networks. I would consider it to be a mistake to rely heavily on technology due…
Top Security Flaws Hiding in Your Code Right Now and How To Fix Them
In 2019, a famous breach in the game Fortnite reportedly put millions of players at risk of malware. The incident highlighted the importance of properly securing SQL databases. But this is not an isolated issue. This article has been…
Principles of Modern Data Infrastructure
The evolution of the internet over the past few decades has undeniably impacted how our societies function. From facilitating globalization to making new technology like social media and consumer apps available to nearly every person on…
The AI Security Gap: Protecting Systems in the Age of Generative AI
The rapid adoption of Generative AI (GenAI) and Large Language Models (LLMs) is transforming industries at an unprecedented pace. Nearly 90% of organizations are actively implementing or exploring LLM use cases, eager to harness the power of these revolutionary technologies.…
5 Steps To Integrate Istio With OPA
Authentication and Authorization are big parts of the security puzzle that need to be solved by cloud architects and DevOps engineers. In this blog, we will specifically look at how to achieve authorization/access control; i.e., what actions the authenticated entity…
A Comprehensive Guide to Access and Secrets Management: From Zero Trust to AI Integration — Innovations in Safeguarding Sensitive Information
Editor’s Note: The following is an article written for and published in DZone’s 2024 Trend Report, Enterprise Security: Reinforcing Enterprise Application Defense. Access and secrets management involves securing and managing sensitive information such as passwords, API keys, and certificates. In today’s…
How To Conduct Effective Data Security Audits for Big Data Systems
Big data systems are an increasingly common aspect of many business operations. As helpful as such a wealth of information is, these projects can dramatically impact an organization’s cybersecurity posture. Consequently, any company embracing this trend must also embrace the…
Open Standards for Data Lineage: OpenLineage for Batch and Streaming
One of the greatest wishes of companies is end-to-end visibility in their operational and analytical workflows. Where does data come from? Where does it go? To whom am I giving access? How can I track data quality issues? The…
Bridging the Gap: How Developers and Security Professionals Can Collaborate for Better Cybersecurity
In the ever-evolving world of cybersecurity, the relationship between developers and security professionals is crucial. At Black Hat 2024, industry experts shared their insights on how these two groups can work together more effectively to create more secure systems. This…
Building Trust Through “Zero Trust:” Transforming Organizational Security Culture
Editor’s Note: The following is an article written for and published in DZone’s 2024 Trend Report, Enterprise Security: Reinforcing Enterprise Application Defense. With organizations increasingly relying on cloud-based services and remote work, the security landscape is becoming more dynamic and challenging…
Workload Protection in the Cloud: Why It Matters More Than Ever
The swift progress in cloud technology has made data and application security an important requirement rather than just a preference. As more customer businesses are moving their operations to the cloud, safeguarding their cloud workloads — referring to all deployed applications and…