Tag: Infosec

• Cloud platform teams are everywhere — here's why

  Posted on August 12, 2022, Level beginner Resource Length medium

  In HashiCorp's new State of Cloud Strategy survey, 86% of respondents said they rely on cloud platform teams — for a wide variety of very good reasons. Organizations with complex business requirements have long sought ways to simplify operations and boost the productivity of their software development teams. It appears business and IT leaders have found an answer: adopt and empower centralized cloud platform teams. By Jared Ruckle.

  ---

  Tags cloud management infosec teams devops

• How to build an organizational culture that is 'cybersecurity ready'

  Posted on August 11, 2022, Level beginner Resource Length long

  Cyber threats are some of the biggest challenges organizations face, but cybersecurity failure is still seen as a critical short-term risk.. By Artem Nikulchenko. By Candid Wüest, Nisha Almoula, Roman Hagen @weforum.org.

  ---

  Tags cio management infosec teams frameworks

• Reduce energy security risk and improve resilience with Microsoft Defender for IoT

  Posted on August 3, 2022, Level beginner Resource Length long

  In this blog, author wants to underscore the urgency around cybersecurity, how it's evolving, and how companies can use technology to manage risk. By Darryl Willis.

  ---

  Tags devops app-development infosec azure

• Handling errors encountered when using Firebase email and password authentication (Kotlin)

  Posted on July 17, 2022, Level beginner Resource Length medium

  Firebase is a solution to enable developers to focus more on building the applications without the need of worrying about managing the backend. Features like user authentication, database, file storage, notifications, and more can be handled by Firebase. By Atanda Oluchi Aminat.

  ---

  Tags web-development app-development infosec kotlin

• 6 best practices to improve Node.js security

  Posted on July 6, 2022, Level beginner Resource Length medium

  Today, Node.js is widely used in web and mobile applications, for it fills the gap between front-end and back-end applications. Unfortunately, increased usage of Node.js has opened new doors for attackers to exploit misconfigurations and vulnerabilities. By Lahiru Hewawasam.

  ---

  Tags infosec app-development javascript web-development nodejs

• Securing Kafka infrastructure at Uber

  Posted on June 27, 2022, Level intermediate Resource Length medium

  Uber has one of the largest deployments of Apache Kafka® in the world. It empowers a large number of real-time workflows at Uber, including pub-sub message buses for passing event data from the rider and driver apps, as well as financial transaction events between the backend services. By Prateek Agarwal, Ryan Turner, and KK Sriramadhesikan.

  ---

  Tags software-architecture infosec devops performance queues messaging streaming distributed

• Automating AWS IAM remediation in Python

  Posted on June 20, 2022, Level advanced Resource Length long

  Since automating IAM remediation requires recurring parsing of JSON documents, modulating your parsing function(s) will save you time as you work on each control. If you have controls that pertain to trust policies, you will need a separate function to parse those out since the format differs from that of permission policies. By Cody Bench.

  ---

  Tags python app-development infosec programming cio

• IAM policy types: How and when to use them

  Posted on June 3, 2022, Level beginner Resource Length long

  You manage access in AWS by creating policies and attaching them to AWS Identity and Access Management (IAM) principals (roles, users, or groups of users) or AWS resources. AWS evaluates these policies when an IAM principal makes a request, such as uploading an object to an Amazon Simple Storage Service (Amazon S3) bucket. Permissions in the policies determine whether the request is allowed or denied. By Matt Luttrell and Josh Joy.

  ---

  Tags infosec cio agile management

• Secure communication with light particles

  Posted on May 25, 2022, Level beginner Resource Length long

  Researchers are developing an anti-eavesdropping quantum network. By Technische Universitat Darmstadt.

  ---

  Tags miscellaneous learning data-science cloud infosec

• How a Man-in-the-Middle attack works

  Posted on May 22, 2022, Level beginner Resource Length medium

  Man-in-the-middle (or MitM) attacks can occur when an attacker has the ability to intercept communications over the network. This allows the attacker to read -- and potentially modify -- these communications. By Rob Behnke.

  ---

  Tags ssl servers infosec web-development app-development

• Demand for cybersecurity skills rises as quantum computing threats tighten

  Posted on May 19, 2022, Level beginner Resource Length short

  There is a major shortage of cybersecurity professionals, with the equivalent of a major city worth of workers missing from the workforce. (ISC)2, the world's largest professional organization for cybersecurity workers, estimates in the paper linked above that the cybersecurity workforce will have to increase by 65% to meet demand. By Nils Gerhardt.

  ---

  Tags miscellaneous management cio teams career infosec

• What exactly should we be logging?

  Posted on May 15, 2022, Level intermediate Resource Length medium

  As a security architect and the technical leader for the Logging Made Easy project, I am often asked "what logs should I be collecting?" I absolutely hate the standard 'it depends' response. So, I've been answering with a question of my own: "For what?" This has led to a number of interesting discussions on the topic of who should be logging what, and when. By Adam B.

  ---

  Tags infosec devops programming learning software how-to

• ← Newer Posts
• Older Posts →