Tag: Infosec

• Fortifying APIs with advanced security

  Posted on August 25, 2021, Level intermediate Resource Length long

  In F5's The State of Application Strategy in 2021 report, 58% of respondents said they are building a layer of APIs to modernize applications. Increasingly, though, breaches are taking the form of attacks on APIs. By Karthik Krishnaswamy.

  ---

  Tags nginx apis web-development app-development infosec

• Data security in a multi-cloud world

  Posted on August 17, 2021, Level beginner Resource Length intermediate

  Securing and protecting enterprise data is at the center of the modern security plan. There are many considerations for organizations that aim to move critical workloads and data stores to the cloud, and understanding how business-critical data will be accessed, stored, and secured is a paramount concern. Written by Chris Steffen.

  ---

  Tags ibm cloud infosec cio teams

• Modern least privilege and DevSecOps

  Posted on August 3, 2021, Level intermediate Resource Length medium

  James Watters, CTO for Modern Apps at VMware, gave a compelling talk at Cloud Native Security Day on what he called "modern least privilege." The basic concept is to apply the principle of least privilege across the DevSecOps lifecycle to properly secure modern apps. By Kit Colbert @VMware, Cloud CTO.

  ---

  Tags infosec cio devops kubernetes containers software-architecture

• How to fix cybersecurity skills gap? Competitive pay

  Posted on August 2, 2021, Level intermediate Resource Length medium

  How to close the cybersecurity skills gap? Here's a novel idea: pay security professionals better. By Jessica Lyons Hardcastle.

  ---

  Tags management infosec cio miscellaneous

• How to demonstrate ROI from your cyber security strategy

  Posted on August 1, 2021, Level intermediate Resource Length medium

  The best outcome from a well-executed cyber security strategy should be that a business experiences no change or disruption to their operations or systems in the case of an external threat. By Martin Riley.

  ---

  Tags management infosec cio cloud devops

• Safari isn't protecting the web, it's killing it

  Posted on July 30, 2021, Level beginner Resource Length long

  I have seen some interesting rebuttals, most commonly: Safari is actually protecting the web, by resisting adding unnecessary and experimental features that create security/privacy/bloat problems. That is worth further discussion, because it's widespread, and wrong. By Tim Perry.

  ---

  Tags browsers cloud javascript infosec

• Hardening Amazon EKS security with RBAC, secure IMDS, and audit logging

  Posted on July 25, 2021, Level intermediate Resource Length medium

  Misconfigurations in infrastructure as code (IaC) can be just as dangerous as vulnerabilities in code. Small mistakes in configuration can lead to the sensitive data being readable on the internet. By Kamil Potrec.

  ---

  Tags infosec cio aws cloud kubernetes containers devops

• Ransomware payouts in review. Highest Payments, trends & stats

  Posted on July 24, 2021, Level intermediate Resource Length medium

  Ransomware has come to be a customary instrument in the arsenal of cybercriminals who routinely attack individuals and organizations. Under such circumstances, their victims experience financial damage either by owning up to large ransomware payouts or by bearing the price of recovering from attacks. By Alina Georgiana Petcu.

  ---

  Tags infosec cio analytics cloud

• Getting started with static code analysis

  Posted on July 7, 2021, Level beginner Resource Length medium

  Static code analysis is the practice of examining application's source, bytecode, or binary code without ever executing the program code itself. Instead, the code under review is analyzed to identify any defects, flaws, or vulnerabilities which may compromise the integrity or security of the application itself. By John Vester, Sr. Architect, CleanSlate Technology Group.

  ---

  Tags app-development web-development devops programming cicd infosec

• Top 5 auth solutions for React Native

  Posted on June 29, 2021, Level beginner Resource Length long

  Get to know 5 auth providers for React Native to get a head start with your Authentication flow. By Viduni Wickramarachchi.

  ---

  Tags infosec react javascript app-development frontend

• SRE fundamentals 2021: SLIs vs SLAs vs SLOs

  Posted on June 7, 2021, Level intermediate Resource Length medium

  A big part of ensuring the availability of your applications is establishing and monitoring service-level metrics—something that our Site Reliability Engineering (SRE) team does every day here at Google Cloud. By Adrian Hilton, Customer Reliability Engineer, SRE.

  ---

  Tags app-development devops cio google programming infosec

• Cloud account takeovers present serious security risk to enterprises

  Posted on May 31, 2021, Level beginner Resource Length short

  Cloud account compromises cost organisations millions of dollars every year, with many IT professionals stating takeovers are a significant risk to their organisations. By Catherine Knowles.

  ---

  Tags cloud infosec cio management learning

• ← Newer Posts
• Older Posts →