Tag: DZone Security Zone

Let’s face it: frontend security often gets overlooked. With so much focus on UI/UX and performance, it’s easy to assume that back-end APIs and firewalls are taking care of all the heavy lifting. But the reality is that your beautiful…

Read more →

Over the past one and a half years, I was involved in designing and developing a multi-tenant treasury management system. In this article, I will share our approaches to the data isolation aspect of our multi-tenant solution and the learnings…

Read more →

Sluggish build times and bloated node_modules folders are issues that many developers encounter but often overlook. Why does this happen? The answer lies in the intricate web of npm dependencies. With every npm install, your project inherits not only the…

Read more →

Kubernetes has grown to become the go-to platform for container orchestration. While the flexibility and scalability that make Kubernetes interesting also present substantial security challenges, perimeter-based security has become outdated in these organizations, and thus, they are willing to switch…

Read more →

When organizations handle sensitive information, ensuring its security and maintaining compliance are paramount. Two key frameworks in this domain are ISO 27001 and SOC 2. While they share common goals, they differ significantly in their approach, scope, and purpose. Here’s…

Read more →

Do we really need to break text into tokens, or could we work directly with raw bytes? First, let’s think about how do LLMs currently handle text. They first chop it up into chunks called tokens using rules about common…

Read more →

Today, automated bot traffic creates a very costly and complex challenge for organizations in the modern digital environment. The traditional defenses present the platform operators with a paradox: the very methods effective in keeping the bots away frustrate legitimate users,…

Read more →

Traditional internal developer platforms (IDPs) have transformed how organizations manage code and infrastructure. By standardizing workflows through tools like CI/CD pipelines and Infrastructure as Code (IaC), these platforms have enabled rapid deployments, reduced manual errors, and improved developer experience. However,…

Read more →

Data breaches cost organizations an average of $4.45 million in 2023. This shows how secure data processing is becoming more crucial by the day, and the challenge grows more complex with sensitive information in cloud environments. AWS enclave technology solves…

Read more →

Artificial intelligence (AI) has transformed industries by driving innovation and efficiency across sectors. However, its rapid adoption has also exposed vulnerabilities that bad actors can exploit, making security a paramount concern. This article talks about the challenges and strategies to…

Read more →

The industry’s increasing focus on secure container images is undeniable. Companies like Chainguard — specializing in delivering container images free of CVEs — have demonstrated the demand by recently raising an impressive $140 million at a $1.1 billion valuation. In…

Read more →

In today’s digital era, cybersecurity is a cornerstone of maintaining trust and reliability in cloud operations. A managed threat detection service by AWS, like Amazon GuardDuty, can help secure your environment by analyzing activity and identifying potential risks. This hands-on…

Read more →

What Is AI Data Governance? Artificial Intelligence (AI) governance refers to the frameworks, policies, and ethical standards that guide AI technologies’ development, deployment, and management. It encompasses a range of considerations, such as data privacy, algorithmic transparency, accountability, and fairness…

Read more →

Security comes down to trust. In DevOps and our applications, it really is a question of “should this entity be allowed to do that action?” In an earlier time in IT, we could assume that if something was inside a…

Read more →

The primary inspiration for this article was my feeling that unfortunately, IT and Cyber too often work in silos — with security constraints often poorly addressed or insufficiently shared. It was also inspired by meetings with people working in Cyber,…

Read more →

With organizations shifting at a rapid pace to the cloud, securing the infrastructure is of paramount importance in their list of priorities. Even though AWS provides a varied set of tools and services related to security and compliance. There are…

Read more →

In the IoT world, security is one of the biggest challenges. When you’re connecting multiple devices together over a network, various doors are left ajar to security threats, along with an increase in the number of doors themselves that open…

Read more →

This article was written using Ballerina Swan Lake Update 10.0 (2201.10.0) but is expected to remain compatible with newer versions. DocuSign is a leading digital transaction management platform that allows users to sign, send, and manage documents securely and efficiently.…

Read more →

Cloud computing has become one of the core building blocks for modern software development. It underpins scalable web applications and forms a foundation for national infrastructure. In turn, as more enterprises and organizations adopt the cloud, the increased efficiency and…

Read more →

The museum of old and new architectures I am involved with forced me to look into safeguarding them. For instance, an old dependency can turn CVE or a solid open-source project can go commercial. This is where the concept of…

Read more →