Tag: Infosec

• Your complete guide to SSL/TLS and HTTPS

  Posted on May 10, 2022, Level beginner Resource Length medium

  Between the ever-increasing global cybersecurity threats and Google's tightening security standards, it's more important than ever for business owners to take active measures to safeguard their sites. Otherwise, you're putting both yourself and your customers at risk. Not good. By David Wahlstrom.

  ---

  Tags ssl how-to infosec linux cio

• Rapid event notification system at Netflix

  Posted on May 3, 2022, Level intermediate Resource Length medium

  Netflix has more than 220 million active members who perform a variety of actions throughout each session, ranging from renaming a profile to watching a title. Reacting to these actions in near real-time to keep the experience consistent across devices is critical for ensuring an optimal member experience. By Ankush Gulati, David Gevorkyan.

  ---

  Tags streaming messaging kubernetes containers devops infosec

• Increasing the security bar in Ingress-NGINX v1.2.0

  Posted on May 2, 2022, Level intermediate Resource Length medium

  The Ingress may be one of the most targeted components of Kubernetes. An Ingress typically defines an HTTP reverse proxy, exposed to the Internet, containing multiple websites, and with some privileged access to Kubernetes API (such as to read Secrets relating to TLS certificates and their private keys). By Ricardo Katz (VMware), James Strong (Chainguard).

  ---

  Tags nginx kubernetes containers devops infosec

• MySQL 8: Password verification policy

  Posted on April 28, 2022, Level intermediate Resource Length medium

  The artcicle discusses the password verification-required policy introduced in MySQL 8.0.13. With this feature, it is possible to require that attempts to change an account password be verified by specifying the existing current password to be replaced. By Brian Sumpter.

  ---

  Tags mysql database cio infosec devops

• How to automate security metrics without upsetting your colleagues

  Posted on April 12, 2022, Level beginner Resource Length short

  The need for greater automation in security metrics and measurement is clear to most people in our industry. Security teams have the luxury of access to an enormous amount of security data, giving insight into every aspect of their environments. By Nik Whitfield.

  ---

  Tags infosec management miscellaneous cio analytics

• Facelift Kurun for Kubernetes event tunneling

  Posted on April 8, 2022, Level intermediate Resource Length medium

  Kurun is a multi-tool to help Kubernetes developers. We can summarize one of its features in a short sentence: just like go run main.go but executed inside Kubernetes with one command. By Sándor Lovász.

  ---

  Tags cio infosec kubernetes containers devops

• A new security approach for the new age of multi-cloud

  Posted on April 7, 2022, Level beginner Resource Length short

  Most organizations today deploy web applications across multi-cloud and hybrid environments. However, existing models for application security are obsolete and no longer up to the task of providing high-grade, consistent, and frictionless application security across clouds. By Eyal Arazi.

  ---

  Tags cio infosec cloud

• Build a secure e-commerce app with SuperTokens and Hasura GraphQL

  Posted on April 6, 2022, Level intermediate Resource Length long

  This tutorial will show you how to develop a secure e-commerce store using SuperTokens authentication in a React.js app. We'll use a modern stack that includes React, Hasura GraphQL, and SuperTokens. By Ankur Tyagi.

  ---

  Tags app-development infosec web-development nosql apis nosql

• Exploring Windows UAC bypasses: Techniques and detection strategies

  Posted on February 9, 2022, Level beginner Resource Length long

  Malware often requires full administrative privileges on a machine to perform more impactful actions such as adding an antivirus exclusion, encrypting secured files, or injecting code into interesting system processes. By @sbousseaden.

  ---

  Tags cio infosec miscellaneous analytics

• DevSecOps: Why you should care and how to get started

  Posted on February 7, 2022, Level beginner Resource Length long

  The increasing popularity of DevOps software development methodologies has led to shorter and more agile life cycles, in which software is released and deployed in minutes or hours rather than the days, weeks, or even months required under traditional practices. However, many development teams still experience delays in getting releases into production due to the security considerations that are traditionally brought to bear at the end of the life cycle. To address this, organizations are more and more frequently adopting a DevSecOps approach. By Katrina Novakovic, Chris Jenkins.

  ---

  Tags devops cloud app-development infosec

• Enabling transparent data encryption for Microsoft SQL with Vault

  Posted on February 3, 2022, Level intermediate Resource Length medium

  Learn how HashiCorp Vault can help secure data in Microsoft SQL Server using a defense-in-depth encryption strategy. By Narayan Iyengar.

  ---

  Tags database infosec cloud azure

• Securing IoT with Quantum Cryptography

  Posted on January 25, 2022, Level intermediate Resource Length short

  The Internet of Things (IoT) is a growing technology that continues to gain traction year after year. On the one hand, it can be helpful, but on the other hand, it carries many security threats. These threats include scalable remote attacks, side-channel attacks on cryptography, DDoS attacks, data breaches, malware, and others. By Roland Atoui.

  ---

  Tags cloud cio infosec crypto iot

• ← Newer Posts
• Older Posts →