Tag: DZone Security Zone

The platform team had done it again — a new version of the golden path was ready. Cleaner templates, better guardrails, smoother CI/CD. But as soon as it rolled out, messages started flooding in: “My pipeline broke!”, “The new module…

Read more →

The rapid ascent of artificial intelligence has ushered in an unprecedented era, often likened to a modern-day gold rush. This “AI gold rush,” while brimming with potential, also bears a striking resemblance to the chaotic and lawless frontier of the…

Read more →

Launching a SaaS startup is like riding a rocket. At first, you’re just trying not to burn up in the atmosphere — delivering features, delighting users, hustling for feedback. But, as you start to scale, you realize: security isn’t just…

Read more →

Nowadays, most application requires authentication and authorization due to increased threat levels, and not only do they need to be secured, but also scalable due to increased traffic volume. It’s not that the application doesn’t have authentication and authorization in…

Read more →

What Are Passkeys? You know how annoying it is to remember all those different passwords for every single website? And how terrifying it is when you hear about a company getting hacked, and suddenly, your password for that site might…

Read more →

Microservices at Adobe Adobe’s transformation from desktop applications to cloud offerings triggered an explosion of microservices. Be it Acrobat, Photoshop, or Adobe Experience Cloud, they are all powered by suites of microservices mainly written in Java. With so many microservices…

Read more →

The emergence of AI agents has created a “security ticking time bomb.” Unlike earlier models that primarily generated content, these agents interact directly with user environments, giving them freedom to act. This creates a large and dynamic attack surface, making…

Read more →

As artificial intelligence advances at rates never previously encountered, its impact upon society is taking hold ever more profoundly and extensively. From autonomous vehicles and personalized medicine to generative media and intelligent infrastructure, AI is changing every area it touches.…

Read more →

In 2025, software development is evolving rapidly with the rise of Vibe Coding and Agentic AI, but so is the cryptographic landscape that underpins these systems. As quantum computing moves closer to practical applicability and encryption standards become outdated, one…

Read more →

Secrets management in AWS has traditionally relied on long-lived secrets stored in Secrets Manager or Parameter Store. But as attack surfaces grow and threat actors become faster at exploiting exposed credentials, even rotated secrets begin to look like liabilities. The…

Read more →

Managing public key infrastructure (PKI) is challenging, especially in dynamic, cloud-native environments. In the “good old days,” you could create a virtual machine, place a certificate on it, and forget about it for a couple of years (or at least…

Read more →

In this third article of the AI infrastructure series, you will learn about AI infrastructure compute, storage, observability, performance, optimization (deep dive), and security. This is the final part in my three-part AI infrastructure series. It’s recommended to read the…

Read more →

Artificial intelligence is no longer such a far-fetched example of technology in software development; it is already a strong catalyst for change in software development. Machine learning requires less time, offers more intelligent decision-making, and streamlines repetitive tasks by using…

Read more →

In most organizations, security and compliance are enforced twice — once during build-time checks and again at runtime through admission controllers and monitoring systems. Often, the policies written at build-time are not reused at runtime, leading to drift, redundancy, and…

Read more →

Overview HTTPS is the most common mechanism used to protect client-server communication on the internet. Most teams focus on SSL/TLS and server-side hardening — and for good reason — but security is layered: the system is only as strong as…

Read more →

About Supply Chain Supply chain means that the entire system is involved, from the producer to the customer. This process involves producing and delivering a product or service to the customer. It includes all the methods, systems, organizations, people, activities,…

Read more →

Many SaaS teams pay more attention to encryption, firewalls, and compliance checks. They often overlook an essential asset: documentation.  Documentations may not be as exciting as a new firewall or security tool. However, unclear, outdated, or incomplete setup guides, API…

Read more →

“Ownership” is one of the harder concepts to define in the modern enterprise.  This feels deceptive because, from a personal and human level, ownership is a rather straightforward concept. When you own something as a person, like your car or…

Read more →

Imagine this: You are a developer who has been tasked with solving a difficult problem that causes revenue loss by the minute. Your managers and leaders have pulled you from your current priorities and asked you to look at the…

Read more →

The Model Context Protocol (MCP), introduced in late 2024, is a significant move forward towards transforming the agentic AI revolution by providing a mechanism for them to connect with enterprise tools, APIs, and databases. The protocol presents a standardized way for large language models…

Read more →