Tag: DZone Security Zone

The Internet of Things has shaken up our lives, connecting everything from smart homes to massive industrial systems in a pretty smooth way. Sure, these tech upgrades make our day-to-day so much easier, but they have also brought some real…

Read more →

Over the last few years, they have rapidly developed in the field of large language models (LLMs) since these models can now underpin anything, from a customer service chatbot to an enterprise-grade solution.  Now that such models are more woven…

Read more →

In this era of ever-growing digital footprint, decreasing security debt has become so critical for organizations operating in the cloud. The myriads of unresolved security findings expose services vulnerable to emerging threats as well as pose risk to compliance and…

Read more →

Cloud security refers to technologies, best practices, and safety guidelines that help to protect your data from human errors, insider and security threats. Therefore, it naturally covers a wide range of procedures, which are aimed at securing systems from data…

Read more →

As workforce becomes more digital,  identity security has become the center of enterprise cyber security. This is particularly challenging given that more than 40 billion authentication requests are processed each day, across platforms and devices, and more solutions than ever are…

Read more →

As we understood the foundational principles for designing and reviewing endpoint security controls in Part 1, we also covered key topics such as standardizing and enrolling approved devices and operating systems, enforcing strong authentication and centralized identity management, and validating…

Read more →

Introduction Managing identity and access management (IAM) for large-scale enterprises is a complex challenge, particularly when dealing with legacy systems that cannot be transitioned from overnight to modern authentication. Traditional migration often spans years, leaving enterprises burdened with technical debts…

Read more →

As organizations embrace digital transformation and hybrid work, the endpoint becomes both a critical productivity enabler and a significant security liability. Laptops, desktops, smartphones, and even IoT devices form the frontline in the battle for data integrity and organizational resilience.…

Read more →

How Hackers Bypass Lateral Movement Detection (And How to Stop Them) Detecting lateral movement has emerged as a crucial cybersecurity challenge today. Attackers who breach network perimeters follow a five-step process. They start with reconnaissance, move to their original compromise,…

Read more →

Security researchers and developers are raising alarms over “slopsquatting,” a new form of supply chain attack that leverages AI-generated misinformation commonly known as hallucinations. As developers increasingly rely on coding tools like GitHub Copilot, ChatGPT, and DeepSeek, attackers are exploiting…

Read more →

FIPS (Federal Information Processing Standards) [1] defines a set of public security standards developed by NIST (National Institute of Standards and Technology) [2] that govern the security requirements for cryptographic modules used in government systems. FIPS 140-3 is the latest…

Read more →

Introduction As of 2023, it’s estimated that 42 billion cumulative Wi-Fi enabled devices have been shipped (Wi-Fi® by the Numbers: Technology Momentum in 2023, n.d.). Every new device adds to the increasing wireless attack surface, and it’s important for anyone…

Read more →

It was not so long ago that I was having a much closer look at how AI is becoming embedded in our everyday developer work. I have watched more intelligent code suggestions, automated testing routines, and those ubiquitous chatbots become…

Read more →

Think your organization is too small to be a target for threat actors? Think again. In 2025, attackers no longer distinguish between size or sector. Whether you’re a flashy tech giant, a mid-sized auto dealership software provider, or a small…

Read more →

Abstract This article explores how artificial intelligence (AI) is enhancing threat detection in cloud certificate environments. It explicates how dissimilar AI modeling, such as supervised, unsupervised, and reinforcement learning, is used to describe and respond to security measures and threats…

Read more →

Businesses and individual users now employ big data analysis to support decision-making, engineering innovation, and productivity levels. However, the surge in the reliance on big data leads to growing concerns regarding its accuracy and trustworthiness. Although big data provides unprecedented…

Read more →

Abstract This paper presents a comprehensive approach to securing sensitive data in containerized environments using the principle of immutable secrets management, grounded in a Zero-Trust security model. We detail the inherent risks of traditional secrets management, demonstrate how immutability and…

Read more →

Introduction Cloud providers offer baseline landing zone frameworks, but successful implementation requires strategic customization tailored to an organization’s specific security, compliance, operations, and cost-management needs. Treating a landing zone as a turnkey solution can lead to security gaps and operational…

Read more →

Cookies are fundamental aspects of a web application that end users and developers frequently deal with. A cookie is a small piece of data that is stored in a user’s browser. The data element is used as a medium to…

Read more →

In the day-to-day operations of companies, solution architecture and information security are two areas that inevitably intersect. Both play a key role in building robust, scalable, and reliable technology environments. However, one question lingers — though rarely openly discussed: what…

Read more →