Tag: DZone Security Zone

In today’s enterprise landscape, containerization has become almost synonymous with modern application deployment. However, with containers handling sensitive data and critical business operations, security should be carefully considered and implemented. I’ve spent years securing containerized applications in the financial sector,…

Read more →

As artificial intelligence (AI) continues to revolutionize industries, its role in critical applications continues to grow exponentially. With all this innovation comes a growing concern — how do we keep AI systems secure? Unlike traditional applications, AI deals with highly…

Read more →

In the hustle to deliver value, development teams can unknowingly create software architectures that hinder their long-term progress. Initially, everything seems fine — features are shipping, continuous integration (CI) jobs are passing, and the product actually works. Yet, beneath the…

Read more →

Generative Artificial Intelligence (GenAI) adoption is picking up pace. According to McKinsey, the rate of implementation has doubled compared to just ten months prior, with 65 percent of respondents saying their companies regularly use GenAI. The promise of disruptive impact…

Read more →

OneLake in Microsoft Fabric aims to provide an enterprise with a consolidated analytical approach by developing its data and tools into one logical base. OneLake, which is automatically available across all Microsoft Fabric tenants, enables users to manage large volumes…

Read more →

Cloud IaaS providers like AWS, Azure, OCI, and GCP operate on a shared responsibility model. While they secure the underlying infrastructure, You, as a customer, are responsible for protecting data, applications, and access management. The rapid adoption of cloud services…

Read more →

As Kubernetes continues to gain traction in the realm of container orchestration, ensuring the security of container images has become paramount. Two prominent tools that focus on securing the software supply chain in Kubernetes environments are Cosign and Connaisseur. While…

Read more →

Microservices architecture has reshaped the way we design and build software, emphasizing scalability, maintainability, and agility. Two frameworks, Dropwizard and Micronaut, have gained prominence in the microservices ecosystem, each offering unique features to simplify and optimize development. In this article,…

Read more →

APIs play a critical role in web applications in the modern digital world. They are the means by which diverse components of the software talk to each other and effectively communicate. Thus, with the growing use of APIs, new kinds…

Read more →

Being a backend developer and having worked for years in the jungle of authentication and identity management, I can attest to the fact that implementing seamless SSO is often way more complex than it seems. I have witnessed how organizations…

Read more →

NodeJS is a very popular platform for building backend services and creating API endpoints. Several large companies use NodeJS in their microservices tech stack, which makes it a very useful platform to learn and know, similar to other popular languages…

Read more →

Kubernetes is not new and has been a de-facto standard of deployments and CI/CD at most companies for a while. The goal of this article is to make you familiar with all the terms and jargon that Kubernetes experts use,…

Read more →

In today’s fast-paced development environment, containerized applications have become the go-to solution for many organizations. They offer scalability, portability, and efficiency. However, containerized environments also bring their own set of challenges, particularly when it comes to security vulnerabilities. One of…

Read more →

What Is Data Governance, and How Do Glossaries, Catalogs, and Lineage Strengthen It? Data governance is a framework that is developed through the collaboration of individuals with various roles and responsibilities. This framework aims to establish processes, policies, procedures, standards,…

Read more →

The rapidly evolving cybersecurity landscape presents an array of challenges for businesses of all sizes across all industries. The constant emergence of new cyber threats, including those now powered by AI, is overwhelming current security models. A 2023 study by…

Read more →

(Note: A list of links for all articles in this series can be found at the conclusion of this article.) In Part 4 of this multi-part series on continuous compliance, we presented designs for Compliance Policy Administration Centers (CPAC) which…

Read more →

As someone who has worked in various areas of Azure for almost a decade, I have witnessed its constant evolution and the rise of increasingly sophisticated security risks. This calls for a unified approach to modern cloud security, where integrating…

Read more →

Continuous Integration and Continuous Deployment (CI/CD) pipelines are crucial for modern software development. This article explores advanced techniques to optimize these pipelines, enhancing efficiency and reliability for enterprise-level operations. Parallelization Using Matrix Builds GitHub Actions CI tests using the matrix…

Read more →

In Oracle, the AUTHID clause is a powerful option to manage DB security and access control. It defines who is considered a current user for execution purposes within stored procedures and functions. This article explores the basics of AUTHID, different…

Read more →

According to the Thales 2024 Cloud Security Study, 31% of cyberattacks prioritize SaaS applications, followed closely by 30% targeting cloud storage and 26% aimed at cloud management infrastructure. Cloud resources have become the prime targets for hackers — no surprise,…

Read more →