Tag: Infosec

• Auth0 introduces adaptive MFA

  Posted on December 15, 2020, Level beginner Resource Length medium

  Adaptive MFA improves security and customer experience. According to Dashlane, the average US internet user has over 150 online accounts, with that number projected to double by 2022. By Randy Nasson and Antonio Fuentes.

  ---

  Tags infosec devops software-architecture learning cio

• How payment transaction processing works

  Posted on December 11, 2020, Level beginner Resource Length short

  Payment transactions occur in a matter of seconds. We can easily swipe our credit card or touch to pay, and there's an instant exchange of value. But it's not as simple as it seems. Behind every digital transaction is an intricate web of processes that enables nearly $2 trillion in payment volume. By privacy.com.

  ---

  Tags infosec miscellaneous learning cio

• Azure Container Registry: Securing container workflows

  Posted on December 10, 2020, Level intermediate Resource Length short

  Securing any environment requires multiple lines of defense. Azure Container Registry recently announced the general availability of features like Azure Private Link, customer-managed keys, dedicated data-endpoints, and Azure Policy definitions. These features provide tools to secure Azure Container Registry as part of the container end-to-end workflow. By Reshmi Mangalore Senior Program Manager.

  ---

  Tags infosec devops cloud containers azure

• Good-bye ESNI, hello ECH!

  Posted on December 8, 2020, Level beginner Resource Length long

  Most communication on the modern Internet is encrypted to ensure that its content is intelligible only to the endpoints, i.e., client and server. Encryption, however, requires a key and so the endpoints must agree on an encryption key without revealing the key to would-be attackers. By Christopher Patton.

  ---

  Tags infosec microservices devops app-development

• 10 docker security best practices

  Posted on November 30, 2020, Level intermediate Resource Length short

  Docker containers and Kubernetes are the driving force of a modern software development life cycle. Although Docker is a safer option than working on the host machine directly, many potential security issues may arise while working with containers. By Sofija Simic, an aspiring technical writer at phoenixNAP.

  ---

  Tags docker devops infosec containers software-architecture cio

• How to set up your own home VPN server

  Posted on November 26, 2020, Level beginner Resource Length medium

  Virtual Private Networks (VPNs) are very useful, whether you're traveling the world or just using public Wi-Fi at a coffee shop in your hometown. But you don't necessarily have to pay for a VPN service—you could host your own VPN server at home. By Chris Hoffman.

  ---

  Tags how-to infosec miscellaneous servers

• DevSecOps – Dynamic analysis DAST with OWASP ZAP and Jenkins

  Posted on November 8, 2020, Level intermediate Resource Length long

  Dynamic Application Security Testing (DAST) also called Black Box Testing is a testing practice that will test the application by executing your web application. As we know, In SAST, a Web application will be tested inside the application which doesn't even require that the application should be running. By Prabhu Vignesh Kumar Rajagopal.

  ---

  Tags programming cicd web-development infosec

• What is risk management and how to integrate it into SDLC: Best explanation ever

  Posted on November 1, 2020, Level beginner Resource Length medium

  This article describes the primary concepts associated with organizing and managing the system-related information security risk in organizations. Concepts associated with organizing and managing the system-related information security risk in organizations. By Mr.Vic.

  ---

  Tags teams infosec management agile miscellaneous

• Mapping Moving clouds: How to stay on top of your ephemeral environments with Cartography

  Posted on October 21, 2020, Level intermediate Resource Length long

  Staying on top of ephemeral environments is a challenge many organizations face. This blog post describes the process we undertook at Thought Machine, a cloud-native company with environments spanning across multiple cloud providers, to identify a solution able to detect, identify, categorize, and visualize all the cloud assets being deployed in an organization. Written by Marco Lancini, Security Engineer.

  ---

  Tags cloud infosec cio devops software-architecture

• Kafka with Java: Build a secure, scalable messaging app

  Posted on October 16, 2020, Level intermediate Resource Length medium

  Today's users expect your app to be accessible from their computer, mobile phone, tablet, or any other device! This transition to Software as a Service (SaaS) as the norm requires developers to effectively integrate with robust tools that scale to handle thousands (or even millions) of requests every second. Apache Kafka is one of the most effective tools for handling those high throughput environments. By Daniel Pereira.

  ---

  Tags microservices event-driven messaging java software-architecture infosec

• Angular security best practices

  Posted on October 2, 2020, Level beginner Resource Length medium

  This time, we dive straight into the modern Angular security best practices. By Liran Tal, Natalia Venditto.

  ---

  Tags nodejs angular frontend web-development infosec

• Never write a UserService again

  Posted on September 25, 2020, Level beginner Resource Length long

  Recently at our semi-regular architecture discussion group, we've been looking at the Auth0 service: what it is, how it works and when it might be a good idea to use it. By Adam Warski.

  ---

  Tags devops microservices event-driven infosec

• ← Newer Posts
• Older Posts →