Initially, cryptocurrency markets started out on a slow incline, but this year, in the first week of April, Bitcoin (BTC) and Ethereum demonstrated new momentum with a 20 percent gain in investment ratio. “This is a time of great opportunity”…
Category: DZone Security Zone
What Is a JWT Token?
A JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. This information can be verified and trusted because it is digitally signed.…
How to Get Instant Java Web Security Vulnerability Alerts in GitHub
If you’re building Java web applications or Java Web APIs and you want to do your own security testing, wouldn’t you rather not run a scanner and wait forever for a PDF report full of all false positives? And wouldn’t…
Security — What if We All Speak to Each Other?
There are many books and articles on how a project must be led. In the Agile Zone, you’ll find many articles related to how to handle projects, organization, teams, products, etc. But, there is a subject that is often poorly…
Generating a Trusted SSL Certificate (Node Example)
An SSL Certificate is a file that helps browsers recognize that a domain name belongs to a server owner (as well as its information like name, location, company, etc). So, if you host your website without certificates, browsers will show…
Publication Release: DevSecOps Trend Report
For years, security has been an afterthought — functionality that developers and product managers often address at the last minute, right before a build is about to ship. For some individuals and teams, this practice stems from a reactive approach…
ISP Selling Data: Why You Should Actually Care
Unbeknownst to you, there’s a good possibility that your Internet Service Provider (ISP) regularly sells your data to boost their profits. Since the US Congress voted to roll back the FCC protections against the practice, American ISPs now have the…
2020: It’s Time to “Walk the Walk” When it Comes to Software Security
2019 demonstrated that the adoption rate of consumer IoT devices continues to increase. From new doorbells with cameras that connect to smartphones, to advanced TVs and refrigerators that are making the smart home a reality, consumers have access to more connected…
How Security Keeps Up When Developers Drive Open-Source
Open source is transforming software development. No longer do individual businesses need to purchase or build everything they need in-house. Instead, they can rely on a modern, interdependent ecosystem in which developers work together on mutually beneficial projects. This way, a single…
Special Cases Are a Code Smell
A Warning Sign. Los Angeles is famous for its complicated parking signs: They’re totems of rules and exceptions, and exceptions to the exceptions. Often, when we code, we forget a lesson that’s obvious in these preposterous signs: Humans…
DevSecOps, SecDevOps, or RainbowMonkeyUnicornPony? [Interview with DJ Schleen]
While DevOps is forging boldly into the future, security is still trailing behind in many organizations. So, it’s important that we understand how to apply notions of (traditionally static) security into environments that are built to foster continuous development. I,…
Multi-tenancy authentication through Kong API Gateway
The API Gateway pattern implements a service that’s the entry point into a microservices-based application from external API clients or consumers. It is responsible for request routing, API composition, and other edge functions, such as authentication. When working with a microservices…
Develop for Safety and Protect User Privacy through Geofencing
Do you allow your spouse or partner to track your location? Your parents? Your extended relatives? Your friends? Hyperconnectivity has lent a sense of normalcy to the concept of sharing locations with multiple applications and people with varying degrees of…
How SMC Allows You to Perform Advanced Data Collaboration Without Exposing Your Data
Data collaboration is the process of combining datasets together to generate new value from data-driven insights. The datasets being combined can come from different organizations, or they can come from data silos internal to an organization. A number of use…
Top Secrets Management Tools Compared
As apps become more complex in the way they use microservices, managing API keys and other secrets becomes more challenging as well. Microservices running in containers need to transfer secrets to allow them to communicate with each other. Each of…
HTTP and Scalable Software Systems
If you think about the World Wide Web, it’s easy to imagine it as a single software system. Once you do, you realize it’s the largest software system the world has ever created — probably by hundreds of orders of…
Public Key Cryptography – The Puzzle of Private and Public Keys
Whenever we disclose any of our private information (or any type of info that might hamper our lives if it gets into the wrong hands) to an authority online, we always have second thoughts about how communication networks work and…
7 Crucial Questions About Quantum Computing and Cybersecurity
What Is Quantum Computing? Quantum computers take advantage of the very nature of quantum physics to create an entirely new computing paradigm, unlike the traditional 0/1 gated computers we have been using since the 1960s. Instead, they run on quantum…
Why Use Smart Contracts to Build Blockchain Applications?
One of the most crucial features of Blockchain Technology is its decentralized nature. This means that the information is shared by all the parties of the networks. Hence, it eliminates the need for middlemen or intermediaries to facilitate operations. This…
How Bitcoin Processing Units Are Being Used For Mining Digital Currency
It’s a famous fact that bitcoin mining hardware has changed by leaps and bounds lately due to the growth of new central processing units in the marketplace. The new machines may conduct Bitcoin processing at a faster rate when compared…
Top Free Security Testing Tools
Sometimes, considered as hard to automate, security testing lacks the resources and tools that assist in making it simple to learn. We have found many testers unaware of the free and open source security testing tools that are available to…
We Trust Blockchain Says the Card Payment Industry – But Why Still the Struggle
Eliminate the middleman to boost security! A promise made by blockchain is already nailing the card payment industry. Ever since the emergence of Bitcoin in 2009, the number of blockchain wallets increased to approximately 42 million users in September end…
Open Policy Agent, Part III – Integrating With Your Application
In the previous entry in this series, we discussed developing policies with Open Policy Agent. In this final article, we are going to focus on how you can integrate Open Policy Agent with your application. Integrating OPA With Your Application There…