Tag: Infosec
-
How to choose the right type of TLS/SSL certificate
Posted on April 28, 2023, Level beginner Resource Length medium
From the server administrators of highly technological organizations, to product managers of financial institutions, down to the one-man startups that just want to secure their shopping cart, the same question pops up: "If TLS/SSL certificates all do the same thing, what type should we get?" By Digicert.
Tags ssl servers cio learning infosec app-development
-
Cilium Mesh – One mesh to connect them all
Posted on April 23, 2023, Level beginner Resource Length medium
Cilium has rapidly become the standard in Kubernetes networking thanks due to its advanced security, performance, and exceptional scalability. With the increase in the adoption of Cilium, more and more customers have requested to bring Cilium to the world of virtual machines and servers. By Thomas Graf.
Tags app-development devops kubernetes containers infosec
-
How to connect to MySQL remotely with SSH PuTTY Tunnels: A step-by-step guide
Posted on April 6, 2023, Level beginner Resource Length long
MySQL is a popular relational database management system to organize and store data. Depending on your specific use cases and preferences, you can connect to a MySQL Server through a command-line interface, using GUI tools,such as dbForge Studio for MySQL, programming languages or via web-based interfaces such as phpMyAdmin. By Julia Evans.
Tags infosec cloud devops database servers
-
Intrusion detection network – Protecting from cyber attacks
Posted on March 19, 2023, Level intermediate Resource Length medium
As cyber threats continue to evolve, it's essential for businesses to have systems in place to protect against attacks. One important tool in the cybersecurity toolkit is an intrusion detection network (IDN). By Priyanshu Sahay.
Tags infosec cloud cio miscellaneous how-to
-
NGINX tutorial: How to securely manage secrets in containers
Posted on March 17, 2023, Level intermediate Resource Length medium
Many of your microservices need secrets to operate securely. Examples of secrets include the private key for an SSL/TLS certificate, an API key to authenticate to another service, or an SSH key for remote login. Proper secrets management requires strictly limiting the contexts where secrets are used to only the places they need to be and preventing secrets from being accessed except when needed. By Robert Haynes of F5.
Tags nginx infosec devops containers
-
How Web3 and a mesh organizational design can turn challenges into opportunities
Posted on March 4, 2023, Level intermediate Resource Length medium
We're in a new era (or at least the early days of a new chapter)—not just a new period in our technological history but also a new paradigm for how people work and contribute to solving problems. One significant challenge I've found in working with leaders is that most organizations are not designed to adapt—let alone thrive—in this new era. By Jen Kelchner.
Tags distributed infosec blockchain web-development app-development
-
Encrypt and decrypt data in Node.js using aes-256-cbc
Posted on March 3, 2023, Level intermediate Resource Length medium
This tutorial aims at teaching you how to encrypt and decrypt data in Node.js. The method provided here is pretty straightforward and easy to understand, as it has been written with the intention of enabling other programmers and developers to learn how to encrypt data in their applications. By Ugbem Job.
Tags infosec nodejs web-development how-to app-development
-
How to get started filling 3.4 million cybersecurity jobs
Posted on February 18, 2023, Level beginner Resource Length medium
It seems like it's getting harder to hire for security roles, just as attacks grow more sophisticated. Here's some advice to ease recruiting — and nurture security talent in-house. By Jennifer Riggins.
Tags miscellaneous management cio infosec cloud
-
Azure Confidential Computing on 4th gen Intel Xeon scalable processors with Intel TDX
Posted on January 28, 2023, Level beginner Resource Length short
Intel TDX meets the Confidential Computing Consortium (CCC) standard for hardware-enforced memory protection not controlled by the cloud provider, all while delivering minimal performance impact with no code changes. By Mark Russinovich Chief Technology Officer and Technical Fellow, Microsoft Azure.
Tags azure app-development infosec cloud servers
-
A hands-on approach to symmetric-key encryption
Posted on January 22, 2023, Level intermediate Resource Length medium
In this article, we will learn how symmetric-key encryption works from a practical perspective. We will use OpenSSL to put into practice some concepts about symmetric-key encryption. By Sergio Prado.
Tags miscellaneous infosec programming devops
-
NIST cybersecurity framework compliance with Sepio
Posted on January 12, 2023, Level intermediate Resource Length short
The NIST Cybersecurity Framework (NIST CSF) is a voluntary framework developed by the National Institute of Standards and Technology (NIST) to help organizations manage cybersecurity risk. It was created via an executive order from President Obama in 2013 to improve cybersecurity within critical infrastructure. By Julien Katzenmaier.
Tags infosec frameworks cio miscellaneous
-
Securing Lambda function URLs using Amazon Cognito, Amazon CloudFront and AWS WAF
Posted on December 31, 2022, Level intermediate Resource Length medium
Lambda function URLs is a dedicated HTTPs endpoint for a AWS Lambda function. You can configure a function URL to have two methods of authentication: IAM and NONE. IAM authentication means that you are restricting access to the function URL (and in-turn access to invoke the Lambda function) to certain AWS principals (such as roles or users). Authentication type of NONE means that the Lambda function URL has no authentication and is open for anyone to invoke the function. By Marcia Villalba.
Tags infosec microservices devops serverless