Good Old History: Sessions. Back in the old days, we used to secure web applications with sessions. The concept was straightforward: upon user authentication, the application would issue a session identifier, which the user would subsequently present in each subsequent…
Tag: DZone Security Zone
Exploring Zero-Trust Architecture Implementation in Modern Cybersecurity
Cyber threats are growing more sophisticated, frequent, and damaging, with the average cost of a data breach now reaching $4.24 million, according to IBM’s 2021 report. Clearly, organizations need more robust cybersecurity protections in place, which is leading many to…
Rethinking DevOps in 2024: Adapting to a New Era of Technology
As we advance into 2024, the landscape of DevOps is undergoing a transformative shift. Emerging technologies, evolving methodologies, and changing business needs are redefining what it means to implement DevOps practices effectively. This article explores DevOps’s key trends and adaptations…
Initializing Services in Node.js Application
While working on a user model, I found myself navigating through best practices and diverse strategies for managing a token service, transitioning from straightforward functions to a fully-fledged, independent service equipped with handy methods. I delved into the nuances of…
Understanding the 2024 Cloud Security Landscape
With technology and data growing at an unprecedented pace, cloud computing has become a no-brainer answer for enterprises worldwide to foster growth and innovation. As we swiftly move towards the second quarter of 2024, predictions by cloud security reports highlight…
Building a Sustainable Data Ecosystem
Generative Artificial Intelligence (AI) has emerged as a transformative technology with vast potential for innovation across various sectors. However, the widespread adoption of generative AI raises significant concerns regarding privacy, fairness, and accountability, particularly in data sharing. This article explores…
Four Common CI/CD Pipeline Vulnerabilities
The continuous integration/continuous delivery (CI/CD) pipeline represents the steps new software goes through before release. However, it can contain numerous vulnerabilities for hackers to exploit. 1. Vulnerabilities in the Code: Many software releases get completed on such tight time frames…
Elevate Your Security Posture: Grafana for Real-Time Security Analytics and Alerts
In the digital age, where data breaches and cyber threats loom large, ensuring the security of your digital assets is paramount. Businesses are in dire need of robust tools that not only detect threats in real time but also provide…
Cohesity Simplifies Data Management and Security for Developers
As a developer, engineer, or architect, managing and securing growing volumes of data across multiple environments can be a complex and time-consuming task. Cohesity, a leading data management company, recently presented at the 54th IT Press Tour, highlighting how their…
7 Essential Practices for Secure API Development
In the interconnected realm of modern software architecture, Application Programming Interfaces (APIs) are the fundamental building blocks that allow disparate systems, applications, and services to communicate with each other. They facilitate the exchange of data and functionality, enabling a seamless…
Navigating the Shift: Mastering Pod Security in Kubernetes
In the rapidly evolving landscape of Kubernetes, security remains at the forefront of concerns for developers and architects alike. Kubernetes 1.25 brings significant changes, especially in how we approach pod security, an area critical to the secure deployment of applications.…
How Secure Cloud Development Replaces Virtual Desktop Infrastructures
Why Do Organizations Need Secure Development Environments? The need to secure corporate IT environments is common to all functions of organizations, and software application development is one of them. At its core, the need for securing IT environments in organizations…
OWASP Top 10 Explained: SQL Injection
Cyberattacks are a common and permanent threat. This paper is the first in a series about cybersecurity. The aim is to provide software engineers with an understanding of the main threats and how to address them. Most exploits are based…
When a Data Mesh Doesn’t Make Sense for Your Organization
Hype is a funny thing. Sometimes you find yourself in a Godfather Part 2 situation where the hype is totally justified. You hear about it. You try it. Life is changed. Hooray! Other times, you find yourself in more of…
Beyond the Call: AI and Machine Learning’s Role in Evolving Vishing Cyber Threats
Vishing, a fusion of “voice” and “phishing,” represents a sophisticated social engineering tactic that leverages telephonic communication to extract sensitive personal or administrative information. Though not a novel concept, historical instances underscore the enduring efficacy of vishing in breaching security…
Seamless Integration: Connecting AWS Lambda to RDS and Writing Data Effortlessly
Connecting AWS Lambda to an AWS RDS instance allows you to build serverless applications that can interact with relational databases, thereby enabling you to manage database operations without provisioning or managing servers. This comprehensive guide walks you through the process…
Solix Empowers the Data-Driven Enterprise With Comprehensive Data Management and Integration Solutions
Solix, a leading provider of data management and integration solutions, recently presented to the 54th IT Press Tour, sharing insights into how their solutions can help developers, engineers, and architects organize enterprise data and optimize infrastructure. With a mission “to…
Introduction to Modern Data Stack
The modern data stack represents the evolution of data management, shifting from traditional, monolithic systems to agile, cloud-based architectures. It’s designed to handle large amounts of data, providing scalability, flexibility, and real-time processing capabilities. This stack is modular, allowing organizations…
Setup With Pritunl
Overview: This documentation provides a comprehensive guide to setting up a Virtual Private Network (VPN) server using Pritunl, a popular open-source VPN server management platform. By following these steps, users can establish a secure and private network infrastructure suitable for…
Mitigating Adversarial Attacks: Strategies for Safeguarding AI Systems
Artificial intelligence (AI) offers transformative potential across industries, yet its vulnerability to adversarial attacks poses significant risks. Adversarial attacks, in which meticulously crafted inputs deceive AI models, can undermine system reliability, safety, and security. This article explores key strategies for…