Tag: DZone Security Zone

Datadog has 600+ out-of-the-box integrations that cover a variety of technologies, from web servers to databases to 3rd party SaaS services. For many of these integrations, there are agent configuration files that require storing credentials for the technology. The larger…

Read more →

Libraries can rise to stardom in months, only to crash and fade into obscurity within months. We’ve all seen this happen in the software development world, and my own journey has been filled with “must-have” JavaScript libraries, each claiming to…

Read more →

Implementing cryptographic primitives securely is crucial for maintaining the integrity, confidentiality, and authenticity of data in Go applications. This guide will walk you through the process of implementing and testing various cryptographic primitives using Go’s standard library and best practices.…

Read more →

I’m originally a .NET developer, and the breadth and depth of this framework are impressive. You probably know the phrase, “When all you have is a hammer, everything looks like a nail.” Nevertheless, although I wrote a few articles about…

Read more →

Remember when you had to squint at wonky text or click on traffic lights to prove you’re human? Those classic CAPTCHAs are being rendered obsolete by the day. As artificial intelligence improves, these once-reliable gatekeepers let automated systems through. That…

Read more →

As transitioning to the digital world is the norm today, businesses face the challenge of constantly maximizing performance while keeping a lookout for potential threats. However, whether it’s spotting fraud in banking and eCommerce, moderating content on social media and…

Read more →

Let’s face it: frontend security often gets overlooked. With so much focus on UI/UX and performance, it’s easy to assume that back-end APIs and firewalls are taking care of all the heavy lifting. But the reality is that your beautiful…

Read more →

Over the past one and a half years, I was involved in designing and developing a multi-tenant treasury management system. In this article, I will share our approaches to the data isolation aspect of our multi-tenant solution and the learnings…

Read more →

Sluggish build times and bloated node_modules folders are issues that many developers encounter but often overlook. Why does this happen? The answer lies in the intricate web of npm dependencies. With every npm install, your project inherits not only the…

Read more →

Kubernetes has grown to become the go-to platform for container orchestration. While the flexibility and scalability that make Kubernetes interesting also present substantial security challenges, perimeter-based security has become outdated in these organizations, and thus, they are willing to switch…

Read more →

When organizations handle sensitive information, ensuring its security and maintaining compliance are paramount. Two key frameworks in this domain are ISO 27001 and SOC 2. While they share common goals, they differ significantly in their approach, scope, and purpose. Here’s…

Read more →

Do we really need to break text into tokens, or could we work directly with raw bytes? First, let’s think about how do LLMs currently handle text. They first chop it up into chunks called tokens using rules about common…

Read more →

Today, automated bot traffic creates a very costly and complex challenge for organizations in the modern digital environment. The traditional defenses present the platform operators with a paradox: the very methods effective in keeping the bots away frustrate legitimate users,…

Read more →

Traditional internal developer platforms (IDPs) have transformed how organizations manage code and infrastructure. By standardizing workflows through tools like CI/CD pipelines and Infrastructure as Code (IaC), these platforms have enabled rapid deployments, reduced manual errors, and improved developer experience. However,…

Read more →

Data breaches cost organizations an average of $4.45 million in 2023. This shows how secure data processing is becoming more crucial by the day, and the challenge grows more complex with sensitive information in cloud environments. AWS enclave technology solves…

Read more →

Artificial intelligence (AI) has transformed industries by driving innovation and efficiency across sectors. However, its rapid adoption has also exposed vulnerabilities that bad actors can exploit, making security a paramount concern. This article talks about the challenges and strategies to…

Read more →

The industry’s increasing focus on secure container images is undeniable. Companies like Chainguard — specializing in delivering container images free of CVEs — have demonstrated the demand by recently raising an impressive $140 million at a $1.1 billion valuation. In…

Read more →

In today’s digital era, cybersecurity is a cornerstone of maintaining trust and reliability in cloud operations. A managed threat detection service by AWS, like Amazon GuardDuty, can help secure your environment by analyzing activity and identifying potential risks. This hands-on…

Read more →

What Is AI Data Governance? Artificial Intelligence (AI) governance refers to the frameworks, policies, and ethical standards that guide AI technologies’ development, deployment, and management. It encompasses a range of considerations, such as data privacy, algorithmic transparency, accountability, and fairness…

Read more →

Security comes down to trust. In DevOps and our applications, it really is a question of “should this entity be allowed to do that action?” In an earlier time in IT, we could assume that if something was inside a…

Read more →