Tag: Infosec
-
Good-bye ESNI, hello ECH!
Posted on December 8, 2020, Level beginner Resource Length long
Most communication on the modern Internet is encrypted to ensure that its content is intelligible only to the endpoints, i.e., client and server. Encryption, however, requires a key and so the endpoints must agree on an encryption key without revealing the key to would-be attackers. By Christopher Patton.
Tags infosec microservices devops app-development
-
10 docker security best practices
Posted on November 30, 2020, Level intermediate Resource Length short
Docker containers and Kubernetes are the driving force of a modern software development life cycle. Although Docker is a safer option than working on the host machine directly, many potential security issues may arise while working with containers. By Sofija Simic, an aspiring technical writer at phoenixNAP.
Tags docker devops infosec containers software-architecture cio
-
How to set up your own home VPN server
Posted on November 26, 2020, Level beginner Resource Length medium
Virtual Private Networks (VPNs) are very useful, whether you're traveling the world or just using public Wi-Fi at a coffee shop in your hometown. But you don't necessarily have to pay for a VPN service—you could host your own VPN server at home. By Chris Hoffman.
Tags how-to infosec miscellaneous servers
-
DevSecOps – Dynamic analysis DAST with OWASP ZAP and Jenkins
Posted on November 8, 2020, Level intermediate Resource Length long
Dynamic Application Security Testing (DAST), also called black-box testing, is a testing practice that tests the application by executing your web application. As we know, in SAST, a web application will be tested inside the application, which doesn't even require that the application be running. By Prabhu Vignesh Kumar Rajagopal.
Tags programming cicd web-development infosec
-
What is risk management and how to integrate it into SDLC: Best explanation ever
Posted on November 1, 2020, Level beginner Resource Length medium
This article describes the primary concepts associated with organizing and managing the system-related information security risk in organizations. By Mr.Vic.
Tags teams infosec management agile miscellaneous
-
Mapping Moving clouds: How to stay on top of your ephemeral environments with Cartography
Posted on October 21, 2020, Level intermediate Resource Length long
Staying on top of ephemeral environments is a challenge many organizations face. This blog post describes the process we undertook at Thought Machine, a cloud-native company with environments spanning across multiple cloud providers, to identify a solution able to detect, identify, categorize, and visualize all the cloud assets being deployed in an organization. Written by Marco Lancini, Security Engineer.
Tags cloud infosec cio devops software-architecture
-
Kafka with Java: Build a secure, scalable messaging app
Posted on October 16, 2020, Level intermediate Resource Length medium
Today's users expect your app to be accessible from their computer, mobile phone, tablet, or any other device! This transition to Software as a Service (SaaS) as the norm requires developers to effectively integrate with robust tools that scale to handle thousands (or even millions) of requests every second. Apache Kafka is one of the most effective tools for handling those high throughput environments. By Daniel Pereira.
Tags microservices event-driven messaging java software-architecture infosec
-
Angular security best practices
Posted on October 2, 2020, Level beginner Resource Length medium
This time, we dive straight into the modern Angular security best practices. By Liran Tal, Natalia Venditto.
Tags nodejs angular frontend web-development infosec
-
Never write a UserService again
Posted on September 25, 2020, Level beginner Resource Length long
Recently at our semi-regular architecture discussion group, we've been looking at the Auth0 service: what it is, how it works and when it might be a good idea to use it. By Adam Warski.
Tags devops microservices event-driven infosec
-
How do routers work, really?
Posted on September 21, 2020, Level intermediate Resource Length long
This is the inside view of how exactly a router operates. You only need to know this if you are poking inside a router implementation. If that is the case, my condolences. By Kamila Součková.
Tags cloud infosec miscellaneous learning servers browsers distributed
-
Eight benefits of a cyber security policy
Posted on September 13, 2020, Level beginner Resource Length short
Learn what a cyber security policy is and why it's important for protecting your small business. Whilst many businesses have expanded into the world of ecommerce and online shopping in recent months, strong cyber security is essential to protect both you and your customers. By fsb.org.uk.
Tags infosec cloud devops cio
-
IBM completes successful field trials on Fully Homomorphic Encryption
Posted on August 8, 2020, Level beginner Resource Length medium
Fully Homomorphic Encryption (FHE) allows computation on still-encrypted data, without sharing the secrets. We're already accustomed to data being encrypted while at rest or in flight—FHE offers the possibility of doing computations on it as well, without ever actually decrypting it. By Jim Salter.
Tags ibm performance infosec software-architecture linux