Tag: DZone Security Zone

The digital infrastructure we’ve built resembles a house of cards. One compromised dependency, one malicious commit, one overlooked vulnerability and the entire edifice comes tumbling down. In March 2024, security researchers discovered something terrifying: a backdoor lurking within XZ Utils,…

Read more →

Container security is all about making sure you run an image that is exceptionally low in vulnerability and malware. I would love to say having zero vulnerabilities, but it is rarely possible in the real world. In the worst case,…

Read more →

“We recently purchased a Zero Trust solution.”  A statement like that makes even the most seasoned security experts cringe. Zero Trust is a ubiquitous notion in 2025, appearing in product packaging, seminars, and sales presentations. However, the fundamental idea is…

Read more →

Modern automation frameworks have come a long way—Playwright, Cypress, RestAssured, Cucumber, and Selenium enable teams to run sophisticated end-to-end validations across browsers and services. But under all that progress lies a risk that’s still alarmingly common: secrets hardcoded into test…

Read more →

This article demonstrates how a critical Trivy SBOM generation fix (PR #9224) can be scaled into an enterprise GenAI-powered platform, delivering comprehensive DevSecOps automation and millions in cost savings. We will explore the technical implementation from core dependency resolution improvements…

Read more →

Many times, while developing at work, I needed a template for a simple application from which to start adding specific code for the project at hand. In this article, I will create a simple Java application that connects to a…

Read more →

Do you have a use case where you want to implement a network firewall in IBM Cloud VPC that filters traffic based on hostname? For example, you may want to allow connections only to www.microsoft.com and www.apple.com, while blocking access…

Read more →

Series Overview This article is Part 2.3 of a multi-part series: “Development of system configuration management.” The complete series: This article has been indexed from DZone Security Zone Read the original article: Development of System Configuration Management: Handling Exclusive Configurations…

Read more →

I constantly have thoughts buzzing in my head, and I need to throw them somewhere or they’ll just fly away. So I thought I’d write a few articles about how our lives are becoming more like the movies and games…

Read more →

Editor’s Note: The following is an article written for and published in DZone’s 2025 Trend Report, Data Engineering: Scaling Intelligence With the Modern Data Stack. Data has evolved from a byproduct of business processes to a vital asset for innovation and…

Read more →

The overall landscape of app development is continuing with a transformative shift that is driven by various latest technologies, including AI or artificial intelligence, edge computing, and blockchain. These innovations are enhancing the efficiency and functionality of the apps, catering…

Read more →

Series Overview This article is Part 2.1 of a multi-part series: “Development of system configuration management.” The complete series: This article has been indexed from DZone Security Zone Read the original article: Development of System Configuration Management: Working With Secrets,…

Read more →

The Internet of Things (IoT) comprises smart devices connected to a network, sending and receiving large amounts of data to and from other devices, which generates a substantial amount of data to be processed and analyzed.   Edge computing, a…

Read more →

Introduction In the new cloud-native era, it is important to be able to scale and manage applications efficiently. Kubernetes, as a leading container orchestration platform, provides strong features for managing storage through Persistent Volume Claims (PVCs). Mapping Kubernetes to traditional…

Read more →

Introduction In modern industrial automation, security is a primary requirement to keep the regular operation of industrial connected devices without disruption. However, the rise of cyber risks also significantly impacts the industry’s sustainable operation. The evolving cyberattacks can affect the…

Read more →

AI is everywhere now, and cybersecurity is no exception. If you’ve noticed your spam filter getting smarter or your bank flagging sketchy transactions faster, there’s a good chance AI is behind it. But the same tech that helps defend data…

Read more →

TLDR: Certificate Authorities (CAs) are the ultimate trust brokers online, issuing the digital certificates that make secure web browsing, e-commerce, and confidential communications possible. This article breaks down what CAs do, the nuances of public and private trust, role of…

Read more →

Managing users efficiently is a key part of automating system administration with Ansible. In this guide, you’ll learn how to create users, set passwords, add users to groups, and configure remote access using Ansible’s powerful tools.  What is the Ansible…

Read more →

Keeping hundreds of endpoints patched and compliant sounds easy on paper until you’re juggling different departments, conflicting maintenance windows, and manual tracking spreadsheets. We knew our approach had to change when a missed update led to a critical zero-day vulnerability…

Read more →

Cloud computing offers unmatched scalability and flexibility, but it also introduces new security challenges. Developers must take proactive steps to secure applications, infrastructure, and sensitive data from cyber threats. In this tutorial, we will explore essential cloud security best practices…

Read more →