Tag: Infosec
-
Better software design with application layer use cases | Enterprise Node.js + TypeScript
Posted on August 9, 2019, Level intermediate Resource Length long
In this article, we explore how organizing application logic as Use Cases in the application layer helps to make large typescript projects easier to reason about. Written by Khalil Stemmler.
Tags nodejs javascript software infosec
-
Blockchain solutions make financial services fairer, faster
Posted on August 8, 2019, Level intermediate Resource Length long
Sean Bennett wrote this article for IBM about how they applied blockchain technology to traditional fiat currencies.
Tags crypto blockchain fintech ibm software infosec
-
Authorization: Securing HTTP APIs with RBAC rules
Posted on August 7, 2019, Level intermediate Resource Length long
Learn how to use Auth0's Role-Based Access Control (RBAC) feature to secure HTTP APIs with ease. An article by Bruno Krebs. This is the second, technical post in a 3-part series on focusing on Authorization. Stay tuned for the last part in this series, focusing on dynamic authorization.
Tags programming software nodejs web-development infosec
-
Maximizing your security posture with Azure ATP
Posted on August 3, 2019, Level intermediate Resource Length medium
Interesting article from Chris Hallum from Microsoft. Their customers spend a lot of time and money on security solutions and very few of them are taking full advantage of the solutions they've deployed. Even fewer of them are deploying or maintaining these solutions correctly. Based on this it's not surprising to see stats like "93% of all breaches could have been avoided if basic cyber hygiene had been in place" (Online Trust Alliance).
Tags cloud infosec devops azure software-architecture
-
How Windows Defender Antivirus integrates hardware-based system integrity for informed, extensive endpoint protection
Posted on July 31, 2019, Level intermediate Resource Length short
Microsoft Defender ATP Research Team interesting article about inner workings of Windows Defender. Detecting and stopping attacks that tamper with kernel-mode agents at the hypervisor level is a critical component of the unified endpoint protection platform in Microsoft Defender Advanced Threat Protection.
Tags cloud infosec azure machine-learning software
-
Managing a secure JSON Web Token Implementation
Posted on July 22, 2019, Level beginner Resource Length medium
Daniel Fanara wrote this article about more advanced topics of managing secure JSON Web Tokens (JWT). They are great for representing a user's authentication / authorization state without needing to maintain a server-side session store.
Tags infosec devops json infosec web-development
-
Managing a secure JSON Web Token Implementation
Posted on July 22, 2019, Level beginner Resource Length medium
Daniel Fanara wrote this article about more advanced topics of managing secure JSON Web Tokens (JWT). They are great for representing a user's authentication / authorization state without needing to maintain a server-side session store.
Tags infosec devops json infosec web-development
-
Getting security to scale: learnings from modern app sec teams
Posted on July 15, 2019, Level beginner Resource Length long
Article by Jean-Baptiste Aviat about security challenges when operating at scale. The author sat with some of the best app sec teams operating today, and he figured there was a lot we could learn from them. The goal was to understand the challenges and the way these teams are working.
Tags infosec cloud devops
-
How a quantum computer could break 2048-bit RSA encryption in 8 hours
Posted on July 13, 2019, Level beginner Resource Length short
A new study shows that quantum technology will catch up with today's encryption standards much sooner than expected. That should worry anybody who needs to store data securely for 25 years or so. Article open MIT Technology review (technologyreview.com) site.
Tags infosec data-science machine-learning
-
Kali Linux in the DigitalOcean Cloud
Posted on July 3, 2019, Level beginner Resource Length short
Tutorial by Thomas d'Otreppe about installing custom image of Kali Linux on DigitalOcean. DigitalOcean is a cloud provider similar to AWS, Microsoft Azure, Google Cloud Platform, and many others. They offer instances, called "droplets", with different Linux distributions such as Debian, Ubuntu, FreeBSD, etc. Similar to AWS, DigitalOcean has datacenters around the world and sometimes multiple datacenters in each country.
Tags cloud infosec servers
-
Exploring container security: Encrypting Kubernetes secrets with Cloud KMS
Posted on June 20, 2019, Level intermediate Resource Length short
At Google Cloud, they care deeply about protecting your data. That's why Google encrypts data at rest by default, including data in Google Kubernetes Engine (GKE). Guide focusing on containers security directly from Google.
Tags cloud servers google infosec
-
Getting started with OpenSSL: Cryptography basics
Posted on June 19, 2019, Level beginner Resource Length medium
Good primer on the cryptography topic. Aimed at anybody in need of a primer on cryptography basics, especially regarding OpenSSL. By Marty Kalin.
Tags infosec cloud servers