In today’s digital age, URL-shortening services like TinyURL and bit.ly are essential for converting lengthy URLs into short, manageable links. While many blogs focus on how to build such systems, they often overlook the security aspects. Here, we have threat-modeled…
Tag: DZone Security Zone
The XZ Utils Backdoor in Linux: A Symptom of Ailing Security in the Software Supply Chain
The cybersecurity industry was once again placed on high alert following the discovery of an insidious software supply chain compromise. The vulnerability, affecting the XZ Utils data compression library that ships with major Linux distributions, is logged under CVE-2024-3094 and…
Cybersecurity Essentials for Software Developers
Software development is becoming complex, and a new approach is being used to create cross-functional hybrid teams. This means some developers work on-site while others develop parts of software code remotely. While this approach has benefited agility, speed, and scalability,…
Index Engines’ Cybersense Delivers Unparalleled Ransomware Detection With 99.99% Accuracy
In the face of an ever-evolving threat landscape, organizations are constantly seeking innovative solutions to bolster their cyber resilience. Index Engines, a leading cyber security company, has taken a significant step forward in this direction with the announcement of an industry-first…
Comprehensive Guide To Troubleshooting IPsec VPN Site-To-Site Connections With PSK on FortiGate Firewalls
Troubleshooting IPsec VPN Site-to-Site connections on a FortiGate firewall can be challenging due to the complex nature of VPN connections. Here’s a structured approach to diagnose and resolve common IPsec VPN problems between two sites: “Headquarter” and “Branch”. Topology This…
The Role of Kubernetes in Data Privacy and Protection
Kubernetes is a de facto platform for managing containerized applications. It provides a rich ecosystem for deployment, scaling, and operations with first-class support (tons of ready configs and documentation) on the Google Cloud platform. Given the growing importance of data…
Optimizing Your Cloud Resources, Part 1: Strategies for Effective Management
“Cloud resources” is a term that refers to various components and services available in cloud computing environments. On-demand scaling and flexible IT infrastructure are provided by cloud resources. To deploy and scale applications, and store and manage data, organizations leverage…
IoT Needs To Get Serious About Security
This headline came across my email the other day, and it really got me thinking: “Number of vulnerable IoT devices increases 136%”
Transforming Modern Networking: The Unmatched Security of Secure Access Service Edge (SASE)
Secure Access Service Edge (SASE) enhances security by converging network and security services into a single, cloud-native architecture. The model is designed to meet the challenges of modern IT environments, with a rising tendency to use the cloud, mobile workforce,…
A Wake-up Call for Cloud Security: Insights From the Recent Snowflake Data Breach
Snowflake, a leading cloud data warehousing provider, has been impacted by a major data breach recently. This incident, which surfaced in June 2024, has sent ripples through the tech community, affecting prominent clients like Advance Auto Parts, Santander Bank, and…
Building Resilient Security Systems: Composable Security
Traditional cybersecurity measures may not be enough to protect organizations from new and emerging threats in today’s fast-paced digital world. Security systems need to be advanced along with technology and also should be flexible and adaptable. Composable security is an…
Unmasking the Danger: 10 Ways AI Can Go Rogue (And How to Spot Them)
The rapid advancement of large language models (LLMs) has ignited both excitement and apprehension. While their potential for good is immense, so too is the possibility of misuse and unintended consequences. Understanding the specific dangers these powerful AI systems pose…
Building an Internal TLS and SSL Certificate Monitoring Agent: From Concept to Deployment
Can you monitor your internal SSL certificates? This was a question we frequently heard from our clients. Many organizations keep their services (web, database, etc.) inaccessible on the public internet, for security, compliance, cost, and other reasons. At TrackSSL, we…
How Sigma Is Empowering Devs, Engineers, and Architects With Cloud-Native Analytics
For developers, engineers, and architects, turning raw data into actionable insights has long been a complex and time-consuming challenge. But Sigma Computing is on a mission to change that with its innovative cloud-native data analytics platform built on Snowflake. “Snowflake…
Securing the Future: The Role of Post-Quantum Cryptography
As they evolve, quantum computers will be able to break widely used cryptographic protocols, such as RSA and ECC, which rely on the difficulty of factoring large numbers and calculating discrete logarithms. Post-quantum cryptography (PQC) aims to develop cryptographic algorithms…
Effortless Credential Management in Azure: The Power of Managed Identities
Azure Entra ID, formerly Azure Active Directory, is a comprehensive Identity and Access Management offering from Microsoft. While it encompasses many functionalities, the article will focus on Managed Identities. Why Managed Identities? Initially, Azure resources were accessed using connection strings–keys…
Exploring the Role of Data Analytics in SOC Alert Tuning
Security Operations Centers (SOCs) play a crucial role in detecting, responding to, and mitigating security threats in an increasingly complex threat landscape. One fundamental aspect of SOC efficiency is the tuning of alerts to ensure accurate and timely threat detection…
Smart Network Onboarding: Revolutionizing Connectivity With AI and Automation
Network onboarding — the process through which new devices gain access to an organization’s network — is a cornerstone of IT operations, affecting everything from security to user satisfaction. Traditionally, this process has been fraught with challenges, particularly at scale. In environments…
Revolutionizing API Security in the Era of GenAI: An Architect’s Perspective
As a seasoned security architect, I have witnessed the transformative impact of AI and ML on the software development landscape, particularly in the context of API security. The advent of GenAI, with its ability to rapidly generate code and entire…
Why Choose Bug Bounty Programs? (Benefits and Challenges Explained)
Diligent software developers must follow secure development practices, industry standards, and regulatory requirements when handling software vulnerabilities. Handling vulnerabilities is a complex, multi-step process that involves various methods and stages. One effective approach to finding vulnerabilities is through Bug Bounty…