Tag: DZone Security Zone

Cybersecurity encompasses multiple different domains, including network isolation, platform security and infrastructure security. However, one thing that we less frequently discuss, but use more than often is cryptography. Whether it’s HTTPS, data encryption in databases, disk encryption, or technologies like…

Read more →

In today’s fast-paced world, organizations face increasing cyber threats that can compromise their operational integrity, erode customer trust, and jeopardize financial stability. While it’s crucial to have advanced security technologies in place, many organizations overlook the importance of cultivating a…

Read more →

The field of digital forensics often uses signatures to identify malicious executables. These signatures can take various forms: cryptographic hashes can be used to uniquely identify executables, whereas tools like YARA can help malware researchers identify and classify malware samples.…

Read more →

Protecting database access through strong password policies is a cornerstone of security in any environment. When deploying Oracle databases on AWS RDS, enforcing password complexity is essential, but the approach differs slightly from on-premises Oracle environments. AWS provides two primary…

Read more →

< div tabindex=”0″> Free Online Utilities May Not Be Safe Using online developer utilities, such as a JSON Viewer, can be incredibly convenient for parsing and visualizing JSON data, but they also come with significant risks. The tool, for instance,…

Read more →

When I first began working with serverless architectures in 2018, I quickly discovered that my traditional security playbook wasn’t going to cut it. The ephemeral nature of functions, the distributed service architecture, and the multiplicity of entry points created a…

Read more →

Imagine you’re building a skyscraper—not just quickly, but with precision. You rely on blueprints to make sure every beam and every bolt is exactly where it should be. That’s what Infrastructure as Code (IaC) is for today’s cloud-native organizations—a blueprint…

Read more →

Ever had that feeling that your phone is listening to you? You mention something random in conversation, and suddenly you’re bombarded with ads about it. Creepy, right? Privacy concerns surrounding AI have always been there. But something fascinating is happening…

Read more →

Software development teams and professionals are increasingly adopting vibe coding as their preferred approach. Vibe coding involves creating software through instinctual coding methods and minimal planning to achieve quick prototyping or making solutions work immediately. While vibe coding can spark…

Read more →

As SQL Server databases become increasingly targeted by cybercriminals, it’s crucial to adopt proactive security measures. Traditional database security mechanisms, such as access controls, role-based permissions, and firewalls, are important but may not be sufficient to detect advanced threats or…

Read more →

In our digital-first world, security isn’t just important — it’s non-negotiable, especially within DevOps environments. Yes, DevOps brilliantly accelerates development by bridging the gap between development and operations teams. But here’s the catch: that impressive speed sometimes races past essential…

Read more →

Security has been a major concern in today’s world. Security issues lead to data breaches with consequences such as data loss and financial losses. As a result, there is a need to focus on enhancing security.  The OWASP top 10…

Read more →

I’ve worked with a lot of enterprise customers over the years—big ones, too—and a common struggle I see is with their Data Loss Prevention (DLP) policies. Even though they’ve had the product for years, they often face one of two…

Read more →

Recently, my team encountered a critical production issue in which Apache Airflow tasks were getting stuck in the “queued” state indefinitely. As someone who has worked extensively with Scheduler, I’ve handled my share of DAG failures, retries, and scheduler quirks,…

Read more →

Building a full-stack application with Angular (frontend) and Node.js (backend) demands a holistic security approach. Security by design means baking in security from the architecture stage and throughout development, rather than as an afterthought. DevSecOps extends DevOps by integrating security…

Read more →

Early-career developers often struggle with secure coding practices. GitHub Copilot, an AI pair programmer, can assist in writing safer code when used wisely. However, guidance is key; a 2021 study found that approximately 40% of Copilot’s generated code had security…

Read more →

Tagging metadata and tracking SQL lineage manually is often tedious and prone to mistakes in data engineering. Although essential for compliance and data governance, these tasks usually involve lengthy manual checks of datasets, table structures, and SQL code.  Thankfully, advancements…

Read more →

Once the product becomes famous and the customer base increases, it is no longer viable to serve the customers using simple systems without too many bottlenecks. Distributed software systems are inevitable, and it is directly related to the growth of…

Read more →

Introduction Identity and Access Management (IAM) is a key pillar of any organization. It plays a vital role in enterprise security—securing the resources and the data of an organization by making sure only authorized users have access. As the IT infrastructure…

Read more →

Introduction A natural or human-made disaster is a significant concern for populations across the world. It is important that the response to such cases be prompt and effective so that human and financial losses are minimized. In addition, while the…

Read more →