Category: DZone Security Zone

In the digital age, where data breaches and cyber threats loom large, ensuring the security of your digital assets is paramount. Businesses are in dire need of robust tools that not only detect threats in real time but also provide…

Read more →

As a developer, engineer, or architect, managing and securing growing volumes of data across multiple environments can be a complex and time-consuming task. Cohesity, a leading data management company, recently presented at the 54th IT Press Tour, highlighting how their…

Read more →

In the interconnected realm of modern software architecture, Application Programming Interfaces (APIs) are the fundamental building blocks that allow disparate systems, applications, and services to communicate with each other. They facilitate the exchange of data and functionality, enabling a seamless…

Read more →

In the rapidly evolving landscape of Kubernetes, security remains at the forefront of concerns for developers and architects alike. Kubernetes 1.25 brings significant changes, especially in how we approach pod security, an area critical to the secure deployment of applications.…

Read more →

Why Do Organizations Need Secure Development Environments? The need to secure corporate IT environments is common to all functions of organizations, and software application development is one of them. At its core, the need for securing IT environments in organizations…

Read more →

Cyberattacks are a common and permanent threat. This paper is the first in a series about cybersecurity. The aim is to provide software engineers with an understanding of the main threats and how to address them. Most exploits are based…

Read more →

Hype is a funny thing. Sometimes you find yourself in a Godfather Part 2 situation where the hype is totally justified. You hear about it. You try it. Life is changed. Hooray! Other times, you find yourself in more of…

Read more →

Vishing, a fusion of “voice” and “phishing,” represents a sophisticated social engineering tactic that leverages telephonic communication to extract sensitive personal or administrative information. Though not a novel concept, historical instances underscore the enduring efficacy of vishing in breaching security…

Read more →

Connecting AWS Lambda to an AWS RDS instance allows you to build serverless applications that can interact with relational databases, thereby enabling you to manage database operations without provisioning or managing servers. This comprehensive guide walks you through the process…

Read more →

Solix, a leading provider of data management and integration solutions, recently presented to the 54th IT Press Tour, sharing insights into how their solutions can help developers, engineers, and architects organize enterprise data and optimize infrastructure. With a mission “to…

Read more →

The modern data stack represents the evolution of data management, shifting from traditional, monolithic systems to agile, cloud-based architectures. It’s designed to handle large amounts of data, providing scalability, flexibility, and real-time processing capabilities. This stack is modular, allowing organizations…

Read more →

Overview This documentation provides a comprehensive guide to setting up a Virtual Private Network (VPN) server using Pritunl, a popular open-source VPN server management platform. By following these steps, users can establish a secure and private network infrastructure suitable for…

Read more →

Artificial intelligence (AI) offers transformative potential across industries, yet its vulnerability to adversarial attacks poses significant risks. Adversarial attacks, in which meticulously crafted inputs deceive AI models, can undermine system reliability, safety, and security. This article explores key strategies for…

Read more →

What Is Incident Management? Incident management is the process of identifying, responding, resolving, and learning from incidents that disrupt the normal operation of a service or system. An incident can be anything from a server outage, a security breach, a…

Read more →

According to a report by MarketsandMarkets, the global AI in cybersecurity market is projected to skyrocket from $8.8 billion in 2020 to an estimated $38.2 billion by 2026, marking a staggering 23.3% compound annual growth rate during the forecast period.…

Read more →

This article provides a brief overview of techniques that can be used in your mobile iOS application to keep it secure enough for the vast majority of cases. If you are a junior or middle iOS developer and have not…

Read more →

Cloud computing has revolutionized software organizations’ operations, offering unprecedented scalability, flexibility, and cost-efficiency in managing digital resources. This transformative technology enables businesses to rapidly deploy and scale services, adapt to changing market demands, and reduce operational costs. However, the transition…

Read more →

Creating an OAuth 2.0 Authorization Server from scratch involves understanding the OAuth 2.0 framework and implementing its various components, such as the authorization endpoint, token endpoint, and client registration. In this detailed guide, we’ll walk through building a simple OAuth…

Read more →

When superior performance comes at a higher price tag, innovation makes it accessible. This is quite evident from the way AWS has been evolving its services:  gp3, the successor of gp2 volumes: Offers the same durability, supported volume size, max IOPS…

Read more →

Last week, we listed 16 practices to help secure one’s APIs and described how to implement them with Apache APISIX. Authentication: Verifies the identity of users accessing APIs. Authorization: Determines permissions of authenticated users. Data Redaction: Obscures sensitive data for…

Read more →