Безопасность • DZone Security • 12 октября 2021 г. 16:43
Application Security Testing helps organizations improve their comprehensive security posture by proactively identifying source code weaknesses and mitigating vulnerabilities as they arise. Unfortunately, irrespective of the security practices follow...... читать далее
cloud best practices cybersecuity sast rasp dast application secuity iastБезопасность • DZone Security • 30 сентября 2021 г. 23:37
Broken Access Control vulnerabilities are common in modern applications since the design and implementation of access control mechanisms rely on a highly complex ecosystem of multiple components and processes. In such a complex, changing ecosystem, s...... читать далее
opinion security cybersecuity owasp top 10 broken authenticationБезопасность • DZone Security • 24 сентября 2021 г. 16:22
While 2020 was all about the COVID-19 pandemic, it allowed the digital world to flourish, with businesses investing more and more resources in developing frameworks to interact with customers online. The demand for technologies like Artificial Intell...... читать далее
blockchain authentication cybersecuity artificial ... financial industryБезопасность • DZone Security • 16 сентября 2021 г. 10:24
Why are we naming animals on a cybersecurity site? The world would be a better place to inhabit if these were just cute animal names! Unfortunately, these are names of the most dangerous cyber organizations that deploy nefarious Advanced Persistent T...... читать далее
cybersecuity infosec cybercrimeБезопасность • DZone Security • 14 сентября 2021 г. 18:31
Apache Kafka became the de facto standard for processing data in motion across enterprises and industries. Cybersecurity is a key success factor across all use cases. Kafka is not just used as a backbone and source of truth for data. It also monitors...... читать далее
security machine learning analytics storage kafka cybersecuity data lake siem forensics threatБезопасность • DZone Security • 18 августа 2021 г. 14:32
For security purposes, it should go without saying, that anything users bring into an enterprise digital environment, like software drivers that have access to the system kernel, must be free from malicious code or software. Everything should be vett...... читать далее
security cybersecuity endpoint securityDevOps • DZone DevOps • 7 августа 2021 г. 19:21
In the wake of several highly publicized supply chain attacks, regulatory and media focus is shifting to address third-party software risk. The Department of Defense’s Cybersecurity Maturity Model Certification, established on January 31st, 2020, was...... читать далее
devops computer science software developent supply chain cybersecuityБезопасность • DZone Security • 4 августа 2021 г. 21:15
Undoubtedly, companies are blind, deaf, and in the middle of a freeway without big data analytics. Data is the new science whereas big data leverages the answer. Data production rates are evolving at a tremendous pace simultaneously with the human po...... читать далее
big data cyber attack cybersecuity cyberattacks security & defense risk assessment cybersecurity analysis predictive modelsБезопасность • DZone Security • 22 июля 2021 г. 16:26
This week, we have a detailed write-up on finding credit card numbers leaking from a GraphQL API, a lab walkthrough on hacking JSON web tokens (JWT) through SQL injection, and HackerOne’s new Capture The Flag (CFT) API Security challenge. On the reso...... читать далее
xml api apis api security graphql cybersecuity newsletter jwtБезопасность • DZone Security • 15 июля 2021 г. 14:18
This week, we take a look at the recently reported API vulnerabilities at Coursera and in one of the Huawei home gateways. We also learn about rate-limiting for GraphQL APIs and GraphQL discovery using its autocorrect feature. Vulnerability: Coursera...... читать далее
api apis api security graphql cybersecuity newsletter penetration testingБезопасность • DZone Security • 30 июня 2021 г. 18:33
Introduction Do you know that at this present age, an average person utilizes almost 36 cloud-based services each day? Also, Cloud data centers process nearly 94% of the total workload in 2021. A buzzword in the field of information technology...... читать далее
cyber attack cybersecuity cyber crime cloud access security broker cloud access secuirty cyber identity cloud access security brokers cyber fraud cyber law cyberthreatБезопасность • DZone Security • 24 июня 2021 г. 7:36
This week, we take a look at the recent API vulnerabilities at Apple, Amazon, and the volunteer coordination app of the Philippine opposition coalition, and there is an upcoming API security webinar by Gartner. Vulnerability: Apple iCloud Account Tak...... читать далее
news apple api amazon api security cybersecuity newsletter gartner icloud philippinesБезопасность • DZone Security • 23 июня 2021 г. 21:07
A strong identity governance strategy enables enterprises to safeguard information, facilitate compliance, and streamline work processes. Despite the benefits, implementing these processes has been perceived as a complex, on-premises project that tak...... читать далее
security cybersecuity identity access management identity governance business process automationБезопасность • DZone Security • 16 июня 2021 г. 7:00
Every digital aspect comes with a security risk if not handled properly. With billions of people using online and digital technologies worldwide, there are ample opportunities for hackers to break the security wall and create unrest all around. Cyber...... читать далее
cybersecuityБезопасность • DZone Security • 6 июня 2021 г. 23:04
Image credit: Unsplash In July 2019, Capital One became aware of a data breach inside their Amazon Web Services (AWS) cloud infrastructure. A security researcher found social media posts describing the attack, and after investigating the breach, the...... читать далее
data security encryption cybersecuity security analysis security breach breach preventionБезопасность • DZone Security • 8 апреля 2021 г. 17:28
This week, we check out the recent API vulnerabilities at VMware and GitLab, how URL parameters can lead to server-side request forgery (SSRF) vulnerabilities, and the upcoming webinar on some of the recent real-life API security flaws. Vulnerability...... читать далее
api apis api security newsletter cybersecuity ssrfБезопасность • DZone Security • 28 марта 2021 г. 13:33
With increased Cybersecurity challenges, firms are constantly battling to bring down the Mean Time to Detect/Discover (MTTD) of security threats. This is critical for multiple aspects such as customer satisfaction, legal compliance, and creditability...... читать далее
security analytics kibana logstash cybersecuity threat intelligence siem elastic stackБезопасность • DZone Security • 24 марта 2021 г. 19:30
First of all, Remote Desktop Protocol (RDP) is a network communications protocol developed by Microsoft mainly for remote access. The management of remote servers, virtual desktops, terminal servers, and applications is also done through a remote des...... читать далее
cloud computing cybersecuity virtual machine ransomware attacks ransomware preventionБезопасность • DZone Security • 12 марта 2021 г. 3:54
Software vulnerabilities have become a problem for people in almost every single industry, which has led many specialists to suggest that code needs to be made secure from the ground up. Since almost every type of business and governmental organizati...... читать далее
cryptography cybersecuity secuirty coding practicesБезопасность • DZone Security • 9 марта 2021 г. 0:36
There is a world war going on that people hardly talk about. While there aren't any physical explosions or military engagements, the threat is genuine and here to stay. This makes it important to take a page out of Sun Tzu's Art of War and think...... читать далее
cybersecuity infosec ethical hacking ethical hacker whitehat
