Tag: DZone Security Zone

Machine learning models don’t succeed in isolation — they rely on robust systems to validate, monitor, and explain their behavior. Top tech companies such as Netflix, Meta, and Airbnb have invested heavily in building scalable experimentation and ML platforms that…

Read more →

You can’t secure what you don’t understand, and right now, most enterprises don’t understand the thing running half their operations. Autonomous AI agents are here. They’re booking appointments, executing trades, handling customer complaints, and doing it all without waiting for…

Read more →

Editor’s Note: The following is an article written for and published in DZone’s 2025 Trend Report, Software Supply Chain Security: Enhancing Trust and Resilience Across the Software Development Lifecycle. Software supply chain security is on the rise as systems advance and…

Read more →

As an architect, security is the first thing that comes to mind when defining an architecture for a customer. One of the key things that you need to keep in mind is minimizing the network traffic routed through the public…

Read more →

Series Overview This article is part 1 of a multi-part series: “Development of system configuration management.” The complete series: This article has been indexed from DZone Security Zone Read the original article: Development of System Configuration Management: Introduction

Read more →

The rise of data mesh architectures redefines how modern organizations have approached the concept of data security. Standard best practices dictate that data should be centralized, allowing it to be collected, stored, and governed within monolithic systems, such as data…

Read more →

APIs have emerged as the cement of the contemporary application. APIs are at the heart of the movement of data, and the interaction of systems, whether in the form of mobile apps and web frontends or microservices and third-party integrations.…

Read more →

This tutorial is all about implementing JWT Policy Enforcement in API Manager using a sample RAML-based project. It’s especially helpful when applying policies through the API Manager in the Anypoint Platform. Along the way, you’ll also learn how to secure…

Read more →

(Note: A list of links for all articles in this series can be found at the conclusion of this article.) In parts 2 and part 3 of this blog series, we introduced the open-source Trestle SDK, which implements the NIST…

Read more →

Most developers don’t start their day thinking, “Is our internal directory secure?” They’ve got builds to run, bugs to squash, maybe a pull request or five to review. But internal directories (like Active Directory or Azure AD) aren’t just a…

Read more →

With the release of the IBM® App Connect Operator version 12.1.0, you can now use your existing Keycloak instance to configure authentication and authorization for App Connect Dashboard and Designer Authoring. Building on top of the capability to use Keycloak,…

Read more →

In 2025, mobile applications are smarter, faster, and increasingly location-aware. From e-commerce personalization to regional compliance, knowing where a user is located adds critical context to the user experience. While GPS provides the most accurate location data, it isn’t always…

Read more →

In this blog, you will learn how to set up the OpenID Connect Authorization Code Flow using Keycloak. You will execute the flow yourself in order to get a better understanding of OIDC. Enjoy! Introduction Adding security to your application…

Read more →

As software continues to eat the world, and AI becomes a force multiplier for attackers, those of us tasked with defending our systems have to be more focused, deliberate, and proactive in our approaches. We have to rise up to…

Read more →

Your organization’s entire infrastructure moved to the cloud last year, but your security team is still thinking like it’s 2015. They’re applying traditional network security controls to cloud environments, creating bottlenecks that slow down your deployments and leave massive security…

Read more →

In the rapidly evolving landscape of cloud automation and multi-cloud strategies, the secure handling of sensitive data, particularly credentials, has emerged as a paramount concern. Traditional methods of storing long-lived credentials, whether in configuration files, CI/CD pipelines, or dedicated secret…

Read more →

GitHub Copilot is not just a new tool anymore. It’s becoming a code productivity accelerator tool. In regulated industries like fintech, where speed must match uncompromising security standards. AI-assisted coding can shift the developer workflow from reactive to proactive.  In…

Read more →

Infrastructure as Code (IaC) was supposed to solve the chaos of cloud operations. It promised visibility, governance, and the ability to scale infrastructure with confidence. But for many teams, the reality is far from ideal.  Instead of clarity and control,…

Read more →

Picture this: you’re a cybersecurity pro up against an invisible enemy. Hidden in your network are zero-day exploits, which represent unknown vulnerabilities that await their moment to strike. The time you spend examining logs becomes pointless because the attack might…

Read more →

Secure Multi-Tenancy Implementation Guide As a developer who has worked extensively with SaaS applications, I’ve learned that implementing secure multi-tenancy is one of the most critical aspects of building scalable software-as-a-service platforms. Through my experience, I’ve compiled this comprehensive checklist…

Read more →