Tag: DZone Security Zone

What Is Incident Management? Incident management is the process of identifying, responding, resolving, and learning from incidents that disrupt the normal operation of a service or system. An incident can be anything from a server outage, a security breach, a…

Read more →

According to a report by MarketsandMarkets, the global AI in cybersecurity market is projected to skyrocket from $8.8 billion in 2020 to an estimated $38.2 billion by 2026, marking a staggering 23.3% compound annual growth rate during the forecast period.…

Read more →

This article provides a brief overview of techniques that can be used in your mobile iOS application to keep it secure enough for the vast majority of cases. If you are a junior or middle iOS developer and have not…

Read more →

Cloud computing has revolutionized software organizations’ operations, offering unprecedented scalability, flexibility, and cost-efficiency in managing digital resources. This transformative technology enables businesses to rapidly deploy and scale services, adapt to changing market demands, and reduce operational costs. However, the transition…

Read more →

Creating an OAuth 2.0 Authorization Server from scratch involves understanding the OAuth 2.0 framework and implementing its various components, such as the authorization endpoint, token endpoint, and client registration. In this detailed guide, we’ll walk through building a simple OAuth…

Read more →

When superior performance comes at a higher price tag, innovation makes it accessible. This is quite evident from the way AWS has been evolving its services:  gp3, the successor of gp2 volumes: Offers the same durability, supported volume size, max IOPS…

Read more →

Last week, we listed 16 practices to help secure one’s APIs and described how to implement them with Apache APISIX. Authentication: Verifies the identity of users accessing APIs. Authorization: Determines permissions of authenticated users. Data Redaction: Obscures sensitive data for…

Read more →

Generative AI (GenAI) represents a significant leap in artificial intelligence, enabling the creation of novel and realistic data, from text and audio to images and code. While this innovation holds immense potential, it also raises critical concerns regarding data security…

Read more →

Editor’s Note: The following is an article written for and published in DZone’s 2024 Trend Report, The Modern DevOps Lifecycle: Shifting CI/CD and Application Architectures. Software supply chains (SSCs) have become a prevalent topic in the software development world, and for…

Read more →

Developers need feedback on their work so that they know whether their code is helping the business. They should have “multiple feedback loops to ensure that high-quality software gets delivered to users”[1]. Development teams also need to review their feedback…

Read more →

There are several steps involved in implementing a data pipeline that integrates Apache Kafka with AWS RDS and uses AWS Lambda and API Gateway to feed data into a web application. Here is a high-level overview of how to architect this…

Read more →

Digital security has become a significant worry for organizations of different sizes in today’s fast-paced world. With the rate at which digital threats continue to develop, enhancing security measures is very important to protect vulnerable data and infrastructure. This defense…

Read more →

As Managed Service Providers (MSPs) continue to play a crucial role in managing IT services for businesses, understanding the landscape of cybersecurity threats becomes paramount. The year 2024 is no exception, with cybercriminals employing more sophisticated methods to breach defenses.…

Read more →

Critical Infrastructure Protection is the need to safeguard a nation/region’s important infrastructures, such as food, agriculture, or transportation. Critical infrastructures include transportation systems, power grids, and communication systems. Critical infrastructure protection is important to communities because any damage to these…

Read more →

In fintech application mobile apps or the web, deploying new features in areas like loan applications requires careful validation. Traditional testing with real user data, especially personally identifiable information (PII), presents significant challenges. Synthetic transactions offer a solution, enabling the…

Read more →

Have you authorized an application to access Salesforce without giving your credentials to that application? Then, you must have used a Salesforce OAuth authorization flow. OAuth is a standard for authorization. Salesforce uses several OAuth flows, and all these flows…

Read more →

In today’s digital age, the proliferation of Deepfake technology and voice phishing (vishing) tactics presents a significant challenge to the authenticity and security of digital communications. Deepfakes manipulate audio and video to create convincing counterfeit content, while vishing exploits voice…

Read more →

Concerns about internet privacy and security are more common than ever in the quickly changing digital environment. As individuals and organizations participate in a variety of online activities, the necessity to protect sensitive information has resulted in the widespread use…

Read more →

SQL injection remains one of the most pernicious forms of security vulnerabilities facing databases today. This attack method exploits security weaknesses in an application’s software by injecting malicious SQL statements into an execution field. For databases hosted on Amazon RDS…

Read more →

In the rapidly evolving world of cloud-native technologies, Kubernetes has emerged as the de facto orchestration tool, enabling businesses to deploy, manage, and scale containerized applications with unparalleled efficiency. However, as the complexity of deployments grows, ensuring compliance and governance…

Read more →