Tag: Infosec
-
Introducing Kubewarden, an open source policy engine
Posted on May 28, 2021, Level intermediate Resource Length medium
Security has always been a wide and complex topic. A recent survey from StackRox about the state of containers and Kubernetes security provides some interesting data on these topics. By Flavio Castelli.
Tags open-source kubernetes software containers devops infosec
-
SSL with Spring WebFlux and Vault PKI
Posted on May 24, 2021, Level beginner Resource Length short
In this article, you will learn how to configure the Vault PKI engine and integrate it with Spring WebFlux. By Piotr Minkowski.
Tags infosec java programming
-
Bad bot traffic breaks records in 2020
Posted on May 18, 2021, Level beginner Resource Length short
Bad bots have long been a major illness plaguing the internet. As internet traffic reached new heights throughout the global pandemic, unfortunately so did bot traffic. By Erez Hasson.
Tags bots infosec analytics web-development software
-
Best practices for Node.js security
Posted on May 15, 2021, Level beginner Resource Length medium
Like any other programming language or framework, Node.js is susceptible to every type of web app exposure. Although the basis of Node.js is secure, third-party packages may need more security standards to safeguard your web app. The study says that 14% of the NPM (Node Package Manager) ecosystem is impacted and 54% of the NPM ecosystem is about to be impacted indirectly. By Kiran Malvi.
Tags infosec web-development nodejs javascript
-
Defenseless: UVA engineering computer scientists discover vulnerability affecting computers globally
Posted on May 7, 2021, Level beginner Resource Length medium
In 2018, industry and academic researchers revealed a potentially devastating hardware flaw that made computers and other devices worldwide vulnerable to attack. Since Spectre was discovered, the world's most talented computer scientists from industry and academia have worked on software patches and hardware defenses, confident they've been able to protect the most vulnerable points in the speculative execution process without slowing down computing speeds too much. By Audra Book @virginia.edu.
Tags infosec management cio miscellaneous software linux servers crypto
-
How to establish a DevSecOps organization
Posted on April 29, 2021, Level intermediate Resource Length long
DevSecOps integrates automated security checks and hardening into every stage of the software development and deployment process. Practitioners aim to have risk-checked applications fully developed and into production at the speed the business needs, making continuous incremental improvements. By Chris Buijs.
Tags infosec devops management cio kubernetes
-
Worst nightmare cyberattack: The untold story of the SolarWinds hack
Posted on April 16, 2021, Level beginner Resource Length long
The routine software update may be one of the most familiar and least understood parts of our digital lives. By Dina Temple-Raston.
Tags infosec cio management software crypto servers
-
Malicious PDFs: Revealing the techniques behind the attacks
Posted on April 9, 2021, Level beginner Resource Length medium
Most of us are no strangers to phishing attempts, and over the years we've kept you informed about the latest tricks used by attackers in the epidemic of phishing and spear-phishing campaigns that plague, in particular, email users. This is an older but useful article by Phil Stokes.
Tags infosec cio cloud learning
-
In-depth dive into security features of Intel/Windows platform secure boot process
Posted on April 7, 2021, Level advanced Resource Length long
This blog post is an in-depth dive into the security features of the Intel/Windows platform boot process. In this post I'll explain the startup process through security-focused lenses; in the next post we'll dive into several known attacks and how they were handled by Intel and Microsoft. By Igor Bogdanov.
Tags infosec cio cloud miscellaneous learning performance
-
Study reveals the state of mobile application security
Posted on March 28, 2021, Level beginner Resource Length medium
The Synopsys Cybersecurity Research Center (CyRC) analyzed more than 3,000 popular Android applications to assess the state of mobile app security during the COVID-19 pandemic. By @securitymagazine.com.
Tags infosec ios android software-architecture cloud cio app-development
-
How to mitigate Low-Code security risks
Posted on March 25, 2021, Level beginner Resource Length long
Gartner predicts that by the end of 2025, over 65% of development projects will use low-code builders. The field of low-code continues to expand. But what security implications does low-code introduce? By Bill Doerrfeld.
Tags infosec cloud cio software software-architecture cicd
-
Browser attack allows tracking users online with JavaScript disabled
Posted on March 11, 2021, Level beginner Resource Length short
Researchers have discovered a new side-channel that they say can be reliably exploited to leak information from web browsers that could then be leveraged to track users even when JavaScript is completely disabled. By Ravie Lakshmanan.
Tags infosec javascript browsers web-development