Tag: Infosec
-
Privacy fines: GDPR sanctions in 2021 exceeded $1 billion
Posted on January 20, 2022, Level beginner Resource Length medium
Privacy regulators in Europe last year imposed known fines totaling more than 1 billion euros ($1.2 billion) under the EU's General Data Protection Regulation, bolstered in part by two record-breaking sanctions, according to the law firm DLA Piper. But sanctions approach varies widely across 31 countries complying with privacy law. By Mathew J. Schwartz.
Tags infosec cio management web-development browsers miscellaneous analytics
-
What identity management teaches CSOs/CDOs about data-centric security
Posted on January 19, 2022, Level beginner Resource Length medium
At the turn of the 21st century, the identity management discipline within IT Security was born of necessity. Advancements in computer technology meant that every area, function, and discipline within organizations was turning to automation to gain a competitive advantage. A computer was placed on every desk, and servers, mini-computers, and mainframes were being deployed to automate every area of the business. By Chris Olive.
Tags big-data data-science infosec software-architecture cio how-to
-
JWT authentication in microservices
Posted on January 11, 2022, Level intermediate Resource Length medium
As with any Web Service, the microservices need to be protected from unauthorized access. So how do you protect each of your services? How does one share the token that is received from the Auth service?. By Anu Viswan.
Tags apis infosec restful devops
-
Choosing a cyber incident management platform
Posted on December 18, 2021, Level beginner Resource Length long
Efficiently dealing with an incident or crisis weighs heavily on three main factors; preparation, process and the tools you have to hand. The latter can greatly influence your incident management process and a cyber incident management platform should make the implementation of your incident response quick and easy rather than hinder it. By Cheryl.
Tags infosec management miscellaneous cio
-
Zero days explained: How unknown vulnerabilities become gateways for attackers
Posted on December 17, 2021, Level beginner Resource Length medium
A zero day is a security flaw for which the vendor of the flawed system has yet to make a patch available to affected users. You can't patch these holes—but you can still protect yourself. By Josh Fruhlinger.
Tags infosec app-development web-development devops learning
-
Managing Active Directory Objects with Azure AD provider for Terraform
Posted on December 15, 2021, Level intermediate Resource Length medium
Learn how to manage Active Directory Objects with Azure AD Provider for Terraform and see examples of how to authenticate and grant the correct permissions. By Adam Connelly.
Tags cloud infosec microservices
-
Zero trust workload security with GKE, Traffic Director, and CA Service
Posted on November 18, 2021, Level intermediate Resource Length medium
At the core of a zero trust approach to security is the idea that trust needs to be established via multiple mechanisms and continuously verified. Internally, Google has applied this thinking to the end-to-end process of running production systems and protecting workloads on cloud-native infrastructure, an approach we call BeyondProd. By Anoosh Saboori Product Manager, Zero Trust and Sanjay Pujare, Tech Lead, Proxyless gRPC Security.
Tags cloud containers gcp software-architecture infosec
-
User authentication with React and AWS Cognito
Posted on November 5, 2021, Level beginner Resource Length long
An article explaining how to integrate AWS Cognito with React for user authentication. Cognito collects a user's attributes, it enables simple, secure user authentication, authorization and user management for web and mobile apps. By Carlos Zuniga.
Tags infosec web-development open-source cloud react javascript
-
Unikraft and the coming of age of Unikernels
Posted on November 2, 2021, Level intermediate Resource Length long
Thanks to their excellent performance, unikernels have always had a great deal of potential for revolutionizing the efficiency of virtualization and cloud deployments. However, after many years and several projects, unikernels, for the most part, have not seen significant, real-world deployment. By Hugo Lefeuvre, Gaulthier Gain, Daniel Dinca, Alexander Jung, Simon Kuenzer, Vlad Bădoiu, Răzvan Deaconescu , Laurent Mathy, Costin Raiciu, Pierre Olivier, Felipe Huici.
Tags linux how-to performance programming infosec
-
Build and secure FastAPI server with Auth0
Posted on October 26, 2021, Level intermediate Resource Length medium
Learn the basics of FastAPI, how to quickly set up a server and secure endpoints with Auth0. By Mark Halpin.
Tags apis app-development infosec javascript python
-
Cybersecurity meets automotive business
Posted on October 24, 2021, Level beginner Resource Length medium
The automotive industry is well known for its security standards regarding the road safety of vehicles. All processes regarding vehicle development – from drawing board to sales – were standardized and refined over the years. Both internal tests, as well as globally renowned companies like NHTSA or EuroNCAP, are working hard on making the vehicle safe in all road conditions – for both passengers and other participants of road traffic. By Adam Kozłowski and by Marcin Wiśniewski.
Tags miscellaneous infosec robotics
-
Influencing ingress BGP routing using communities and local preference
Posted on October 19, 2021, Level advanced Resource Length long
Border Gateway Protocol (BGP) is an enormous protocol with a nearly endless list of features, knobs and capabilities. BGP's mechanism for choosing the best path is complex but also well known. You should brush up on that algorithm if you're out of practice. By Nicholas Russo.
Tags infosec servers linux devops cio