Category: DZone Security Zone

In today’s interconnected digital landscape, the proliferation of Application Programming Interfaces (APIs) has revolutionized the way systems communicate and exchange data. Yet, with this seamless connectivity comes the inherent vulnerability of exposing sensitive information to potential security threats. This underscores…

Read more →

This guide walks you through setting up a secure REST API using Nest.js in Node.js. We’ll create a login system with JWTs and implement best practices for token management and API security. Setting Up Nest.js Prerequisites: Node.js installed. This article…

Read more →

Modern-day software development approaches like DevOps have certainly reduced development time. However, tighter release deadlines push security practices to a corner. This blog explains how Shifting Security to the Left introduces security in the early stages of the DevOps Lifecycle,…

Read more →

In the ever-evolving landscape of digital integration, APIs (Application Programming Interfaces) serve as the conduits that connect disparate systems, enabling seamless communication and fostering innovation. As the architects of digital experiences, product managers play a crucial role in orchestrating these…

Read more →

In the dynamic landscape of digital product development, APIs (Application Programming Interfaces) have emerged as indispensable tools that not only connect systems but also play a pivotal role in shaping product roadmaps. In this exploration, we will unravel the multifaceted…

Read more →

Organizations are gradually becoming concerned regarding data security in several instances, such as collecting and retaining sensitive information and processing personal information in external environments, which include information sharing and cloud computing. Some of the commonly used solutions, however, do…

Read more →

As we step further into the digital age, the importance of data security becomes increasingly apparent. Our interactions, transactions, and even our identities are frequently translated into data, which is stored, transferred, and processed in the digital realm. When this…

Read more →

As teams moved their deployment infrastructure to containers, monitoring and logging methods changed a lot. Storing logs in containers or VMs just doesn’t make sense – they’re both way too ephemeral for that. This is where solutions like Kubernetes DaemonSet…

Read more →

You probably are here because you leaked a secret somewhere and want to get straight to rotating the secret. If you are a solo developer or you know for sure you are the only user of the secret and understand…

Read more →

Software projects are vulnerable to countless attacks, from the leak of confidential data to exposure to computer viruses, so any development team must work on an effective risk analysis that exposes any vulnerabilities in the software product. A well-executed risk…

Read more →

The U.S. Securities and Exchange Commission (SEC) recently announced its new rules for public companies regarding cybersecurity risk management, strategy, governance, and incident exposure. Some requirements apply to this year—for example, disclosures for fiscal years ending December 15, 2023, or…

Read more →

In the ever-evolving software development landscape, staying up-to-date with the latest technologies is paramount to ensuring your applications’ efficiency, security, and maintainability. As a stalwart in the world of programming languages, Java continues to transform to meet the demands of…

Read more →

The escalating frequency and sophistication of cyber threats pose a significant challenge in today’s interconnected world. With the rapid digitization of various sectors, the attack surface for malicious actors has expanded, making businesses, governments, and individuals more vulnerable to cyber…

Read more →

SPIRL is a full workload identity solution based on SPIFFE (Secure Production Identity Framework for Everyone). What does this mean? What is SPIFFE and isn’t it already for everyone? Or if not, how could “everyone” include more “everyone”? The most…

Read more →

In the ever-evolving digital landscape, data is often referred to as the “new oil,” serving as a crucial asset for businesses, researchers, and governments alike. As the volume, velocity, and variety of data grow, data management—encompassing facets like data integration,…

Read more →

In today’s dynamic digital landscape, secure and efficient access management is paramount for organizations navigating the complexities of remote work and diverse application landscapes and going through the digital transformation. Previously, the security plan for safeguarding on-prem/internal resources from attackers…

Read more →

When most people think of Santa Clara, they immediately think of the San Francisco 49ers, as that is where their stadium sits. They might also think of California’s Great America, an amusement park that has been keeping folks entertained since…

Read more →

Across diverse industries, spanning from manufacturing to healthcare, an abundance of sensors and other IoT devices diligently gather information and produce insightful data every day. Oftentimes, this data then needs to be passed down to some storage, processed accordingly, and…

Read more →

In the ever-expanding landscape of the Internet of Things (IoT), where billions of devices seamlessly communicate and exchange data, the importance of standards and protocols cannot be overstated. These essential frameworks serve as the connective tissue that enables interoperability, security,…

Read more →

Monitoring becomes a crucial component of managing and optimizing cloud environments as companies move their operations more and more to the cloud. The performance, availability, and security of cloud-based applications and infrastructure are ensured through continuous data collection, analysis, and…

Read more →