Блог DZone Security | DevsDay.ru

IT-блоги Блог DZone Security

IT-блоги Блог DZone Security


Безопасность DZone Security 16 мая 2022 г. 19:30

The problem of cybersecurity is quite severe nowadays. Even large and well-known companies face the problem of sensitive user data leakage. It can be unauthorized access to databases, leaked logs, etc. Quite often, we encounter day 0 vulnerabilities...... читать далее

Безопасность DZone Security 16 мая 2022 г. 15:56

The new threats in software development are not only related to the specific company itself. The whole software supply chain is a target for attackers, and it is essential to make sure that we put all our effort into securing each link because if one...... читать далее

Безопасность DZone Security 11 мая 2022 г. 14:52

Storing passwords can be a nuance due to the liability of them being compromised. To make matters worse, users tend to reuse passwords across services which makes storing them securely even more important. The aim behind storing passwords securely is...... читать далее

security opensource authorization login authenciation jwt token json web tokens

Безопасность DZone Security 6 мая 2022 г. 15:11

Bob, the software architect, and Alice, the SecDevOps engineer are part of a growing software development start-up company. Here is the conversation between them on developing a new set of microservices. Bob: Did you hear the announcement? The client...... читать далее

devsecops

Безопасность DZone Security 5 мая 2022 г. 17:41

Cybersecurity is critical today, with data breaches becoming more common and sophisticated. As a result, cybersecurity risk management is a complex and ever-changing field. After checking out some online surveys, we found around 304.7 million ransomw...... читать далее

cybersecurity devsecops penetration testing vulnerability vulnerability management

Безопасность DZone Security 4 мая 2022 г. 18:02

Computer-aided design (CAD) and computer-aided manufacturing (CAM) files are increasingly instrumental in planning and producing various products. However, you may initially overlook the possibility of cybercriminals targeting CAD and CAM files when...... читать далее

security data security cad cam design

Безопасность DZone Security 3 мая 2022 г. 14:24

Cybercrimes are more rampant in the year 2022. The rate of cybercrimes is increasing every year, and it is expected to reach its highest next year. It is said that cybercrime affects the security of more than 80% of businesses throughout the wor...... читать далее

cybersecurity ransomware data privacy cyberattacks phishing ransomware attacks data privacy and data security cybersecurity analysis cybersecurity tips ransomware as a service

Безопасность DZone Security 2 мая 2022 г. 19:09

As the world enters a digital age, cyber threats are rising with massive data breaches, hacks into personal and financial data, and any other digital source that people can exploit. To combat these attacks, security experts are increasingly tapping i...... читать далее

cybersecurity artificial intelligence (ai) machine learning & ai deep learning applications

Безопасность DZone Security 30 апреля 2022 г. 23:51

This week, we have an article on 7 reasons why API security strategies are failing, details on the recent keynote by Werner Vogels at AWS re:Invent on 6 rules for good API design, an article by Cisco on API discovery, and a review of some of the bigg...... читать далее

aws api security inventory api vulnerabilities api strategy breaches

Безопасность DZone Security 29 апреля 2022 г. 1:11

Properly securing sensitive customer data is more important than ever. Consumers are increasingly insisting that their data be secured and managed properly. The regulatory environment is also becoming tougher, and business requirements are becoming i...... читать далее

security gdpr data privacy pii customer data pi sensitive data

Безопасность DZone Security 28 апреля 2022 г. 23:11

Securing applications is not the easiest thing to do. An application has many components: server-side logic, client-side logic, data storage, data transportation, API, and more. With all these components to secure, building a secure application can s...... читать далее

security devops nosql sql c# appsec cybersecuity vulnerabilites injections

Безопасность DZone Security 25 апреля 2022 г. 22:36

Securing applications is not the easiest thing to do. An application has many components: server-side logic, client-side logic, data storage, data transportation, API, and more. With all these components to secure, building a secure application can s...... читать далее

tutorial python cybersecurity vulnerabilities appsec python application developers

Безопасность DZone Security 25 апреля 2022 г. 17:17

Any company working with sensitive data needs to make security a top priority. Sensitive data could include payment card industry (PCI) data like credit card info, personally identifiable information (PII) like social security numbers, protected heal...... читать далее

security web development outsourcing privacy data storage credit card pci pii phi skyflow

Безопасность DZone Security 22 апреля 2022 г. 16:18

As cloud and Kubernetes have become a standard, security remains one of the top inhibitors to modern application development. To reduce security risks, organizations can’t manage access control on a cluster-by-cluster basis. And not finding a scalabl...... читать далее

cloud kubernetes cluster access control security tools api authentication deplotyment api server

Безопасность DZone Security 22 апреля 2022 г. 13:22

XSS, or Cross-Site Scripting, is one of the most common vulnerabilities found in applications. In bug bounty programs of different organizations, XSS consistently ranks as the most common vulnerability found. Today, let’s learn how these attacks work...... читать далее

java security python scala node.js c# go xss prevention

Безопасность DZone Security 21 апреля 2022 г. 13:57

With stateless JWT Tokens for security, short TTLs (1 min) can be used. These tokens are then refreshed during their time to live. If the server does not get to know when a user has logged out, a token of a logged-out user could continue to be refres...... читать далее

java security microservices spring boot spring architecture jwt authentication jwt token jwt token-based architecture

Безопасность DZone Security 21 апреля 2022 г. 1:18

WordPress security has been an important topic ever since the content management system was released back in 2003. As with any highly popular piece of software with a long and rich history, the CMS can sometimes become the target of WordPress hackers...... читать далее

security seo wordpress plugin wordpress admin

Безопасность DZone Security 19 апреля 2022 г. 20:48

What Is an Effective Penetration Testing Report? Following the recent trend of cyberattacks against IT infrastructure, service organizations have a steady rise in demand to conduct penetration testing on IT resources to ensure all vulnerabilities are...... читать далее

tutorial pen testing reporting tool penetration test pen tests penetration tester penetration testing tutorial

Безопасность DZone Security 19 апреля 2022 г. 20:16

There are plenty of reasons for enterprises that work with cardholder data to care about payment card industry (PCI) compliance. For starters, maintaining PCI compliance is an essential part of protecting cardholders, reducing fraud, and avoiding dam...... читать далее

security data security pci standards payment app pci pci compliance payment card industry pci dss marqeta

Безопасность DZone Security 19 апреля 2022 г. 18:45

So, do you think your APIs are secure? You might want to take another look at your security.... читать далее

security cybersecurity api management api security api gateway api strategy owasp top 10 web application firewall api first