Безопасность • DZone Security • 5 декабря 2021 г. 9:49
You’ve heard of the GDPR and other regulations geared towards protecting personal data with threats of large fines, but it’s worth remembering that customers take the protection of their data seriously and are ready to switch brands if they lose fait...... читать далее
privacy gdpr automation & technology solutions data privacy data privacy and data security process management privacy by design data monitoringБезопасность • DZone Security • 5 декабря 2021 г. 0:46
While GraphQL enables the creation of flexible APIs, it is considered prone to allow malicious queries that compromise application servers. Being one of the most popular query languages, commonly found vulnerabilities make GraphQL Security a topic of...... читать далее
cybersecurity cloud security graphql security analysis graphql applicationsБезопасность • DZone Security • 2 декабря 2021 г. 12:18
Over the last year, artificial intelligence (AI) has become a huge part of our everyday lives, which is something of a mixed bag that has brought along a wide variety of both positive and negative influences. On one hand, there are algorithms that ar...... читать далее
ai cybersecuity dark web biometric authentication phishing protection threat managementБезопасность • DZone Security • 1 декабря 2021 г. 3:54
Serverless reduces a lot of operational burdens, but a secure architecture is still your responsibility. From web threats over IAM principles to auditing and monitoring, learn more about securing serverless architectures in this 2-parter infographic:... читать далее
devops aws serverless devsecops appsec presentation serverless architecture app security secret management iam policyБезопасность • DZone Security • 30 ноября 2021 г. 15:47
Workforces today are dynamic, with employees, contractors, freelancers, and other third parties constantly changing roles, projects, or moving companies. This makes it difficult for IT teams to manage access controls in a timely manner and opens the...... читать далее
it security access control ephemeral access credential manager access security twingateБезопасность • DZone Security • 29 ноября 2021 г. 21:06
As technology continues to become more relevant for businesses worldwide, the importance of securing business-critical applications and their underlying tech stack continues to gain prominence. With the changing threat landscape, it is often impracti...... читать далее
cloud security application security cybersecuity ethical hacking white hat hackingБезопасность • DZone Security • 29 ноября 2021 г. 19:31
While the relationship between software development and security hasn't always been harmonious, recent research suggests the two are becoming much more aligned. In one study, almost half of developers said they had prioritized learning or improving A...... читать далее
devops developer devsecops appsec code securityБезопасность • DZone Security • 28 ноября 2021 г. 9:16
In different programming languages, the behavior of virtual functions differs when it comes to constructors and destructors. Incorrect use of virtual functions is a classic mistake. Developers often use virtual functions incorrectly. In this article,...... читать далее
programming c++ static analysis pvs-studio cpp static code analysis pitfallsБезопасность • DZone Security • 26 ноября 2021 г. 21:45
WebRTC is changing the way we live by establishing new norms in communication. WebRTC makes this possible by supporting real-time browser-to-browser communication without additional plugins. It provides peer-to-peer (P2P) file sharing and streaming o...... читать далее
api communication encryption webrtc real time server security client security communication security webrtc communication webrtc threatsБезопасность • DZone Security • 26 ноября 2021 г. 21:38
The NAC solution implements security control over access users to provide end-to-end security. What Are the Capabilities of NAC? NAC provides the following capabilities:... читать далее
security networking nac application nac solution network admission controlБезопасность • DZone Security • 23 ноября 2021 г. 14:56
This week, we have news of a high criticality vulnerability on GoCD, a common open-source CI/CD system, allowing attackers to hijack secrets of downstream supply chains. There is also an excellent article on the journey of Raiffeisen Bank Internation...... читать далее
api devsecops ci/cd api security security championsБезопасность • DZone Security • 23 ноября 2021 г. 1:56
This week, we have details of a potential vulnerability in existing Prometheus installations with no endpoint security enabled, details of a new tool to assist organizations to map their API attack surface, a report on the analysis of publicly availa...... читать далее
api training prometheus openapi attack surface secure apisБезопасность • DZone Security • 23 ноября 2021 г. 1:31
This week, we have a vulnerability report from Alissa Knight on Fast Healthcare Interoperability and Resources (FHIR) APIs being potentially vulnerable to abuse, and more details on how the breach at MakerBot’s Thingiverse 3D printing repository webs...... читать далее
api 3d printer breaches fhir analysis and reportБезопасность • DZone Security • 21 ноября 2021 г. 8:53
The Online Web Application Security Project (OWASP) helps organizations improve their security posture by offering guidelines based on real-world scenarios and community-led open-source projects. Out of the various threats, OWASP considers Code Injec...... читать далее
cybersecurity cloud security cyber attack code injectionБезопасность • DZone Security • 20 ноября 2021 г. 9:13
In this hands-on tutorial, you will learn how to connect securely to an AWS IoT MQTT broker using mutual certificate authentication. An online interactive Lua tutorial includes ready-to-use Lua code, enabling you to connect to your own AWS IoT core i...... читать далее
mqttБезопасность • DZone Security • 20 ноября 2021 г. 8:40
Two of the leading cybersecurity platforms are Check Point and Palo Alto. Many tend to think that these top contenders are largely the same, so choosing any of the two wouldn’t be a bad idea. However, there are a few details that can spell major diff...... читать далее
cybersecurityБезопасность • DZone Security • 20 ноября 2021 г. 7:53
The test cases that you can work with effectively are the test cases you can quickly write and manage without correcting all the dependencies. Testing financial applications require specific knowledge of writing test cases and what type of test cases...... читать далее
quality assurance fintech testing and qa quality assurance and testing fintech app testing and developing financial app testing banking application testing testing applications banking application testing processБезопасность • DZone Security • 19 ноября 2021 г. 17:27
API security is on everyone’s mind: After all, APIs always opens up network-accessible interfaces that previously may not have been exposed. Making sure that this is not creating new risks means that securing APIs is an essential aspect of API m...... читать далее
security integration api management api security owasp top 10Безопасность • DZone Security • 18 ноября 2021 г. 11:23
5. MedHelp AB Fine: 1,200,000 EUR Number of records affected: 900,000... читать далее
gdpr cyber attack data protection data breach vulnerabilites pentesting personal data security breach pentest network configurationБезопасность • DZone Security • 17 ноября 2021 г. 21:46
In today's digital world, everywhere and at all times, two parties exchange information, and day by day, it is growing exponentially. The exchange of data across systems is critical as they are vulnerable to attacks by external entities. As the...... читать далее
security ssl certificate cryptography tls openssl certificate authority x509 certificates public key encryption ssl handshake pki authentication
