Eight benefits of a cyber security policy
Posted on September 13, 2020, Level beginner Resource Length short
Learn what a cyber security policy is and why it's important for protecting your small business. Whilst many businesses have expanded into the world of ecommerce and online shopping in recent months, strong cyber security is essential to protect both you and your customers. By fsb.org.uk.
IBM completes successful field trials on Fully Homomorphic Encryption
Posted on August 8, 2020, Level beginner Resource Length medium
Fully Homomorphic Encryption (FHE) allows computation on still-encrypted data, without sharing the secrets. We're already accustomed to data being encrypted while at rest or in flight—FHE offers the possibility of doing computations on it as well, without ever actually decrypting it. By Jim Salter.
How to scale and secure Django application with Docker, Nginx, and Let's Encrypt
Posted on August 7, 2020, Level intermediate Resource Length short
In cloud-based environments, there are multiple ways to scale and secure a Django application. By scaling horizontally, and running several copies of your app, you can build a more fault-tolerant and highly-available system, while also increasing its throughput so that requests can be processed simultaneously. By Hanif Jetha.
Data breaches could cost you hundreds of millions
Posted on August 6, 2020, Level beginner Resource Length short
Mega breaches that compromise 50m records or more cost businesses $392m on average. By Anthony Spadafora.
Replacing web server functionality with serverless services
Posted on July 29, 2020, Level intermediate Resource Length medium
Web servers bring together many useful services in traditional web development. Developers use servers like Apache and NGINX for many common tasks. Linux, Apache, MySQL, and PHP formed the LAMP stack to power a large percentage of the world's websites. Other variants, like the MEAN stack (MongoDB, Express.js, AngularJS, Node.js), have also been popular. By James Beswick.
What is DevSecOps? Why it's hard to do well
Posted on July 28, 2020, Level intermediate Resource Length long
DevSecOps is about introducing security earlier in the life cycle of application development, thus minimizing vulnerabilities and bringing security closer to IT and business objectives. By Lucian Constantin.
Enhancing Red Hat OpenShift with hardware cryptography
Posted on July 23, 2020, Level intermediate Resource Length medium
The purpose of the blog is to introduce you to incorporating high assurance cryptographic security with hardware security modules (HSMs) into your Red Hat OpenShift projects. Since this might be new territory for some in the developer community, the author will take a moment to explain what an HSM is. By Oli-Wade.
Top 5 threats to APIs servicing mobile apps
Posted on July 20, 2020, Level beginner Resource Length short
David Stewart put together this blog post about security threats to APIs. As mobile apps become increasingly paramount to operating successfully in today's markets, a big question mark over API security is raised. Gartner has previously predicted that by 2022, "API abuses will be the most-frequent attack vector resulting in data breaches for enterprise web applications." Since every mobile app out there is powered by APIs, securing them is clearly a top priority.
Generating UUIDs at scale on the Web
Posted on July 10, 2020, Level beginner Resource Length long
Can you trust every browser to generate globally unique identifiers at scale? At Teads, we have tried, and the answer is yes, with a few caveats. This article describes the experiments we've run and the discoveries we made along the way. By Matthieu Wipliez, senior software engineer @ Teads.
6 best practices for managing Git repos
Posted on July 7, 2020, Level beginner Resource Length medium
This article reviews some of the best practices when it comes to adding files to your own repositories. Resist the urge to add things in Git that will make it harder to manage; here's what to do instead. By Seth Kenlon (Red Hat).
How to improve JWT performance in Node.js
Posted on July 1, 2020, Level advanced Resource Length long
Each operation, even the smallest one, counts towards the performance and availability of a service. High performance and availability must be maintained without compromising the security of the system. By Paolo Insogna @nearform.com.
Two-Factor Authentication (2FA) for SSH with Google Authenticator
Posted on June 18, 2020, Level beginner Resource Length short
If you've ever signed up for a Google, GitHub, or Twitter account then you've likely come across two-factor authentication. Adding in two-factor logins to SSH then seems like a no-brainer. It provides a much-needed extra security layer on an otherwise very vulnerable port of entry to your server. By serverauth.com.