Category: DZone Security Zone

Atlanta’s Hartsfield-Jackson International Airport is the busiest in the world, serving over 93 million passengers to and from this international destination last year. There are many reasons to visit Atlanta, such as seeing the home of Coca-Cola, visiting the birthplace…

Read more →

Back with a fresh blog on Maven – no saga, just a simple update on an old project of mine. It’s like catching up with an old buddy and sharing what’s new. In this blog, we’ll dive into the world…

Read more →

As of 2022, the global market for digital twins was valued at $11.12 billion — and experts estimate an impressive annual growth rate of 37.5% from 2023 to 2030. Digital twins help connect the physical and virtual worlds, allowing workers…

Read more →

A DevOps service company can play a crucial role in assisting organizations with meeting ISO 27001 and GDPR compliance requirements by integrating security and compliance into their DevOps workflows. Such a provider can help with ISO 27001 and GDPR compliance…

Read more →

In the dynamic landscape of the Internet of Things (IoT), the convergence of Big Data and IoT software is both a boon and a puzzle for developers. The promise of harnessing vast volumes of real-time data from IoT devices to…

Read more →

Kubernetes (K8s), an open-source container orchestration system, has become the de-facto standard for running containerized workloads thanks to its scalability and resilience. Although K8s has the capabilities to streamline deployment processes, the actual deployment of applications can be cumbersome, since…

Read more →

Secure payment processing is vital for ensuring customers can shop safely on your app. Cyberattacks become more frequent each year, with a particular emphasis on stealing financial information. Luckily, you can implement a few best practices to simplify security and…

Read more →

In recent years, the number of cyberattacks has been steadily increasing, and applications have become increasingly targeted. According to a report by Verizon, web applications were the most common target of data breaches in 2022, accounting for over 40% of…

Read more →

In this article, we will delve into the crucial concept of an internal DevSecOps platform (IDSP) and why businesses need it.  The traditional approach of treating security as an afterthought or as a separate stage in the software development lifecycle…

Read more →

I wrote previously about the default configuration of Spring oauth-authorization-server. Now let’s jump into how we can customize it to suit our requirements. Starting with this article, we will discuss how we can customize the JWT token claims with default…

Read more →

In this article, we will explore one of the most common and useful resilience patterns in distributed systems: the circuit breaker. The circuit breaker is a design pattern that prevents cascading failures and improves the overall availability and performance of…

Read more →

In today’s digital age, security, and user convenience are of paramount importance for web applications. Traditional methods of authentication, such as passwords, while widely used, come with their own set of challenges, including the risk of breaches and the inconvenience…

Read more →

What Is an API Gateway? An API Gateway is a tool that acts as an intermediary for requests from clients seeking resources from servers or microservices. It manages, routes, aggregates, and secures the API requests. Like previous patterns we have…

Read more →

5G is revolutionizing digital twin technology, enabling faster data transfers, real-time monitoring, seamless collaboration, and advanced security. These features are advancing the capabilities of digital twins and the value organizations can gain from them. What are the benefits of building…

Read more →

In this article, see how to build a complete database system, in minutes instead of weeks or months: An API, and, we’ll add UI and logic to make it a microservice Logic and security: Multi-table constraints and derivations, and role-based security…

Read more →

Portable Document Format (PDF) is a file format that contains a comprehensive representation of a document, encompassing elements like text, fonts, graphics, and other components. PDF is often considered a secure document format due to its inherent security features. These…

Read more →

“I want to build a system that is highly secure, scalable, reliable, performant, compliant, robust, resilient, and durable.” Add more adjectives to that to really dream of a quintessential solution. Is that even possible? Where do we make the two…

Read more →

As a tech leader with years of experience in the custom software development industry, I’ve witnessed the rapid evolution of tools and technologies that have revolutionized how we create software. Among these, Xcode, Apple’s integrated development environment (IDE), has been…

Read more →

The holiday shopping season is upon us again, and retailers are gearing up for the highly anticipated sales events of Black Friday and Cyber Monday. While these days represent peak consumer spending, the prominence of digital channels also introduces complex…

Read more →

Portable Document Format (PDF) is a universal document-sharing and collaboration medium. From e-books to legal documents, PDFs are widely used in various business, educational, and governmental sectors. The acronym “PDF” encompasses several distinct standards, each designed for specific requirements and…

Read more →

In this article, we will see how we can customize the authentication where user details are fetched from another component/service over HTTP. Store user details as Principal and use them later while creating tokens to customize the claims in JWT…

Read more →

In the digital age, data governance isn’t a luxury; it’s a necessity. From multinationals to fledgling startups, organizations are becoming increasingly data-centric. The myriad technologies at our disposal — SQL databases, NoSQL systems, REST APIs, GraphQL, and more — offer…

Read more →

Flow is a permissionless layer-1 blockchain built to support the high-scale use cases of games, virtual worlds, and the digital assets that power them. The blockchain was created by the team behind Cryptokitties, Dapper Labs, and NBA Top Shot.  One…

Read more →

Are you running into this error message but can’t seem to get past it to digitally sign your code using a code-signing certificate? We’ll walk you through the troubleshooting solutions that’ll fix the Signtool ‘no certificates were found’ error in…

Read more →

In today’s hyper-connected world, data is often likened to the new oil—a resource that powers modern businesses. As organizations expand their operational landscapes to leverage the unique capabilities offered by various cloud service providers, the concept of a multi-cloud strategy…

Read more →

In the realm of software development, Agile methodologies have taken center stage for their ability to enable rapid and iterative progress. But what about continuous data management (CDM)? While often considered separate disciplines, closer examination reveals a symbiotic relationship that…

Read more →

What Does Data Loss Prevention Do? Throughout 2023, a private research university discovered multiple breaches of its data. In August 2023, an American educational technology company found that millions of its users’ email addresses had been scrapped. In early October…

Read more →

A domain takeover is a cyberattack when an attacker gains control of a domain name owned by another person or organization. This can have severe consequences as the attacker can use the domain for malicious purposes, such as spreading malware,…

Read more →

In today’s data-driven world, business enterprises extensively count on data warehouses to store, process, and analyze vast volumes of data. Thanks to data warehouses, the foundation of business intelligence and analytics, enterprises can make informed decisions and gain an edge…

Read more →

Spring has come out with an OAuth2 solution, and in this article, we will look at the default configuration that comes bundled with the spring-oauth server. Details about how OAuth2.0 works are out of the scope of this article and…

Read more →

The advent of the Internet of Things (IoT) has ushered in a new era of connectivity, revolutionizing various sectors, including homes, industries, and urban areas. However, this widespread connectivity also brings about significant security challenges, necessitating robust threat detection and…

Read more →

Are you someone who is looking to ensure the data privacy and security of your healthcare data? Then you’ve come to the right place. In this article, we will dive deep into AWS HIPAA compliance and provide some of the…

Read more →

The Internet of Things (IoT) has ushered in a new era of connectivity, transforming the way we live, work, and interact with our surroundings. It encompasses a vast network of devices, ranging from everyday appliances to industrial machinery, all connected…

Read more →

Flow is a permissionless layer-1 blockchain built to support the high-scale use cases of games, virtual worlds, and the digital assets that power them. The blockchain was created by the team behind Cryptokitties, Dapper Labs, and NBA Top Shot.  One…

Read more →

In the modern digital epoch, the importance of data management can hardly be overstated. Data is no longer just an operational byproduct but the lifeblood of organizations, fueling everything from strategic decisions to customer interactions. However, in this race for…

Read more →

Automated security workflows are transformative in today’s digital era. They streamline and enhance how one safeguards systems, using automation to manage manual tasks. With cyber threats on the rise, embracing modern security practices becomes vital. By adopting these innovative methods,…

Read more →

In today’s world of fragmented, ever-increasing volumes of data, the need for real-time or near-real-time access to data is paramount.  Data is your lifeline for improving business outcomes and depending on your organization’s business strategy. Plus, it can also be…

Read more →

The modern business landscape, resplendent in its technological evolution, underscores the indispensable role of Enterprise Resource Planning (ERP) systems. These systems, though monumental in their operational scope, offer the allure of a streamlined organization. However, the journey to a successful…

Read more →

There has been a growing focus on the ethical and privacy concerns surrounding advanced language models like ChatGPT and OpenAI GPT technology. These concerns have raised important questions about the potential risks of using such models. However, it is not…

Read more →

In this article, we will learn how to add user authentication with OAuth providers in your Next.js app. To do so, we’ll be using NextAuth.js, which is a user authentication solution that simplifies the whole process and has built-in support…

Read more →

This post walks through the steps to creating a simple Ethereum DApp using Web3.js and Truffle and setting up monitoring of the API transactions sent to the blockchain. This article also provides an explanation of various pieces of technology involved…

Read more →

Austin, Texas, is the 10th largest city in the US and is constantly growing, both in population and in industry. Every year, dozens of major companies either relocate or expand into the Austin area. It is also home to six…

Read more →

This is about how a cyber security service provider built its log storage and analysis system (LSAS) and realized 3X data writing speed, 7X query execution speed, and visualized management.  Log Storage and Analysis Platform In this use case, the…

Read more →

As part of our continuous effort to improve our Clean Code technology and the security of the open-source ecosystem, our R&D team is always on the lookout for new 0-day security vulnerabilities in prominent software. We recently uncovered two critical…

Read more →

Blockchain solutions are becoming more popular, signaling a rising demand for professionals who develop these systems. Just six to eight years ago, the role of a blockchain developer was relatively obscure. Today, you can find these professionals networking in dedicated…

Read more →

For the last three decades, web technology has remained relevant due to its versatile nature and wide range of applications in building solutions. The web runs virtually everything, from simple blog sites to complex and scalable web-based ERP systems in…

Read more →

Flow is a permissionless layer-1 blockchain built to support the high-scale use cases of games, virtual worlds, and the digital assets that power them. The blockchain was created by the team behind CryptoKitties, Dapper Labs, and NBA Top Shot. One…

Read more →

The recent release of the Accelerate State of DevOps Report has once again highlighted the value of organizational culture. If you create a generative culture with high trust and low blame, you’ll receive a 30% boost to your organization’s performance.…

Read more →

The need for thorough risk assessments, continuous testing, and compliance checks before full-scale deployments is unavoidable. The future of software development demands businesses to be gearing up for a delicate dance between innovation and reliability. This year, we saw enthusiasm…

Read more →

Every company wants to have a good security posture, and most are investing in security tooling. According to Gartner, worldwide spending on security is forecast to grow 11.3% in 2023 to reach more than $188.3 billion.  However, despite all this…

Read more →

There is no doubt that Jira is one of the most popular project management and issue-tracking tools for organizations. It provides a great number of benefits to teams, including improved collaboration between technical and non-technical teams, increased visibility, enhanced productivity,…

Read more →

In order to protect themselves in a growing attack landscape, companies must employ defensive security techniques and evaluate if they’re doing enough to prevent bad actors from accessing their networks. In this post, we’ll discuss types of authentication that allow…

Read more →

Taking ERC20 tokens cross-chain is broken. Today, bridges are often slow and expensive, have security vulnerabilities (as evidenced most recently by the Multichain hack), and fragment liquidity when each bridge creates its own version of the bridged token liquidity (and…

Read more →

Deployed by more than 60% of organizations worldwide, Kubernetes (K8s) is the most widely adopted container-orchestration system in cloud computing. K8s clusters have emerged as the preferred solution for practitioners looking to orchestrate containerized applications effectively, so these clusters often…

Read more →

Robust and agile security frameworks are crucial for any organization. With the shift towards a microservices architecture, a more refined, granular level of access control becomes imperative due to the increased complexity, distribution, and autonomy associated with individual service operations.…

Read more →

The service mesh has become popular lately, and many organizations seem to jump on the bandwagon. Promising enhanced observability, seamless microservice management, and impeccable communication, service mesh has become the talk of the town. But before you join the frenzy,…

Read more →

In order to provide computational resources and services over the internet, a cloud computing data center is a complex infrastructure that combines different hardware components. In this thorough overview, we will look at the various hardware parts that are frequently…

Read more →

In a world where the click of a mouse can be as powerful as a nuclear button, the evolution of cyber threats has taken a sinister turn. What was once a digital nuisance in the form of ransomware has now…

Read more →

The world of cyber threats is continually evolving, and the range of targets is constantly expanding. Fortunately, cybersecurity is rapidly progressing as well. In August 2023, two different U.S. government organizations published new reports about what to expect moving ahead,…

Read more →

In an era where cloud computing reigns supreme, the concept of security has undergone a profound transformation. As businesses rapidly migrate their operations and data to the cloud, the need to secure this digital frontier becomes increasingly paramount. Enter “Shift…

Read more →

The rise of Kubernetes, cloud-native, and microservices spawned major changes in architectures and abstractions that developers use to create modern applications. In this multi-part series, I talk with some of the leading experts across various layers of the stack —…

Read more →

Passwords have long outlived their usefulness, yet they stubbornly persist as the default for authentication. 61% of consumers believe passwords are inherently insecure, while 47% find them inconvenient and frustrating. With password reuse rampant and phishing on the rise, individuals…

Read more →

Gartner forecasts that the low-code/no-code platforms market to grow in 2024 and revolutionize the world of enterprise architecture. This burgeoning technology is set to skyrocket in adoption, propelling businesses into a new era of efficiency and agility. It is a…

Read more →

In our rapidly evolving digital age where technology underpins almost every facet of our lives, cybersecurity has never been more critical. As the world becomes increasingly interconnected with personal devices and social networks to critical infrastructure and global business operations,…

Read more →

The rapid growth of the Internet of Things (IoT) has revolutionized the way we connect and interact with devices and systems. However, this surge in connectivity has also introduced new security challenges and vulnerabilities. IoT environments are increasingly becoming targets…

Read more →

Service accounts can pose a security risk for your Google Cloud project if not managed properly. Because they are often highly privileged, anyone who is able to authenticate as a service account can likely take sensitive actions in your environment.…

Read more →

The traditional username and password combo remains the go-to for most web and mobile authentication. But as Bhawna Singh, CTO of Okta Customer Identity Cloud, shared during the Developer Keynote at Oktane 23, “It’s time we move past it.” She…

Read more →

In this document, I am going to put together a step-by-step process of connecting your Salesforce instance with Google BigQuery using Cloud Composer DAGs that are provided by Google Cortex Framework. Steps To Be Performed on the Salesforce Account For this…

Read more →

Customer identity is the new strategic battleground that forward-thinking companies must conquer to build trust, foster loyalty, and unlock new revenue in the digital-first era. As Shiven Ramji, President of Okta‘s Customer Identity Cloud, explained, “Customer identity is the first…

Read more →

At Oktane23, Okta revealed new solutions to automate identity governance, implement privileged access management, and enable continuous authentication and threat protection. Introduction Identity has historically been regarded as the gateway to grant or deny access to an enterprise’s digital resources…

Read more →

At Oktane 23, Okta’s annual flagship conference, CEO Todd McKinnon and other executives introduced one of the company’s most ambitious identity and access management (IAM) roadmaps to date during the keynote Go Beyond with AI and Identity. With pressures in…

Read more →

Since the pandemic hit the world two years ago, cloud adoption has exploded. The majority of customers use multi-clouds, which are isolated silos, and each public cloud has its own management tools, operating environment, and development environment. Companies keep investing…

Read more →

In the dynamic world of microservices architecture, efficient service communication is the linchpin that keeps the system running smoothly. To maintain the reliability, security, and performance of your microservices, you need a well-structured service mesh. This dedicated infrastructure layer is designed…

Read more →