Безопасность • DZone Security • 28 апреля 2022 г. 23:11
Securing applications is not the easiest thing to do. An application has many components: server-side logic, client-side logic, data storage, data transportation, API, and more. With all these components to secure, building a secure application can s...... читать далее
security devops nosql sql c# appsec cybersecuity vulnerabilites injectionsБезопасность • DZone Security • 21 февраля 2022 г. 15:40
We've all heard a lot about digital transformation and how it affects the IT world. Each of these technologies, whether it's big data, the Internet of Things (IoT), or cloud computing, has made a significant contribution to a range of enterprises. Fe...... читать далее
software testing digital transformation network security compliance cybersecuity security testing iot app privacy policy zero trust cspБезопасность • DZone Security • 19 февраля 2022 г. 13:56
The pace of digitization over the past two years has accelerated due to organizational needs driven by the ongoing pandemic. And that has meant that there's an ever-increasing flow of data now passing through digital channels that nobody anticipated...... читать далее
data protection cybersecuity data privacy development habitsБезопасность • DZone Security • 17 января 2022 г. 1:25
Introduction It’s estimated that already 50% of all global corporate data is being stored in the cloud, which is quite telling about the explosive growth of this still relatively young sector. We all know the benefits which propelled this adoption: i...... читать далее
cloud aws azure cloud security cybersecuity gcpБезопасность • DZone Security • 6 января 2022 г. 14:38
The number of web applications and APIs exposed to the internet are growing exponentially. Unsecure web applications and APIs are low-hanging fruit that attackers are targeting to steal sensitive data. In a recent report “State of the Web Security fo...... читать далее
api security web application security cybersecuity web application firewall web app securityБезопасность • DZone Security • 2 декабря 2021 г. 12:18
Over the last year, artificial intelligence (AI) has become a huge part of our everyday lives, which is something of a mixed bag that has brought along a wide variety of both positive and negative influences. On one hand, there are algorithms that ar...... читать далее
ai cybersecuity dark web biometric authentication phishing protection threat managementБезопасность • DZone Security • 29 ноября 2021 г. 21:06
As technology continues to become more relevant for businesses worldwide, the importance of securing business-critical applications and their underlying tech stack continues to gain prominence. With the changing threat landscape, it is often impracti...... читать далее
cloud security application security cybersecuity ethical hacking white hat hackingБезопасность • DZone Security • 12 ноября 2021 г. 2:11
Image Credit Many people erroneously assume that their home networks are too small to be targeted by cyberattackers and that cybersecurity is only meant for enterprises. Nothing could be more wrong. If the past few years have taught us anything about...... читать далее
opinion software cybersecuity secuirty firewall vulnerabilites breaches breach prevention anti virus home networkБезопасность • DZone Security • 10 ноября 2021 г. 17:48
Introduction Working for a company specialized in detecting secrets (if you don’t know what a secret is, please take a moment here and come back), we had to address the question: what would be a good way to categorize secrets? Take a look at this:... читать далее
github appsec cybersecuity infosec statistical analysis credentials cybersecurity analysisDevOps • DZone DevOps • 17 октября 2021 г. 13:19
DevOps aligns the work of software developers and other IT professionals to ensure better quality, faster time to market, and increased productivity. It emphasizes communication, collaboration, integration, and automation of all aspects of software d...... читать далее
devops adoption cybersecuity devops and cloud devops security security systemsБезопасность • DZone Security • 12 октября 2021 г. 16:43
Application Security Testing helps organizations improve their comprehensive security posture by proactively identifying source code weaknesses and mitigating vulnerabilities as they arise. Unfortunately, irrespective of the security practices follow...... читать далее
cloud best practices cybersecuity sast rasp dast application secuity iastБезопасность • DZone Security • 30 сентября 2021 г. 23:37
Broken Access Control vulnerabilities are common in modern applications since the design and implementation of access control mechanisms rely on a highly complex ecosystem of multiple components and processes. In such a complex, changing ecosystem, s...... читать далее
opinion security cybersecuity owasp top 10 broken authenticationБезопасность • DZone Security • 24 сентября 2021 г. 16:22
While 2020 was all about the COVID-19 pandemic, it allowed the digital world to flourish, with businesses investing more and more resources in developing frameworks to interact with customers online. The demand for technologies like Artificial Intell...... читать далее
blockchain authentication cybersecuity artificial ... financial industryБезопасность • DZone Security • 16 сентября 2021 г. 10:24
Why are we naming animals on a cybersecurity site? The world would be a better place to inhabit if these were just cute animal names! Unfortunately, these are names of the most dangerous cyber organizations that deploy nefarious Advanced Persistent T...... читать далее
cybersecuity infosec cybercrimeБезопасность • DZone Security • 14 сентября 2021 г. 18:31
Apache Kafka became the de facto standard for processing data in motion across enterprises and industries. Cybersecurity is a key success factor across all use cases. Kafka is not just used as a backbone and source of truth for data. It also monitors...... читать далее
security machine learning analytics storage kafka cybersecuity data lake siem forensics threatБезопасность • DZone Security • 18 августа 2021 г. 14:32
For security purposes, it should go without saying, that anything users bring into an enterprise digital environment, like software drivers that have access to the system kernel, must be free from malicious code or software. Everything should be vett...... читать далее
security cybersecuity endpoint securityDevOps • DZone DevOps • 7 августа 2021 г. 19:21
In the wake of several highly publicized supply chain attacks, regulatory and media focus is shifting to address third-party software risk. The Department of Defense’s Cybersecurity Maturity Model Certification, established on January 31st, 2020, was...... читать далее
devops computer science software developent supply chain cybersecuityБезопасность • DZone Security • 4 августа 2021 г. 21:15
Undoubtedly, companies are blind, deaf, and in the middle of a freeway without big data analytics. Data is the new science whereas big data leverages the answer. Data production rates are evolving at a tremendous pace simultaneously with the human po...... читать далее
big data cyber attack cybersecuity cyberattacks security & defense risk assessment cybersecurity analysis predictive modelsБезопасность • DZone Security • 22 июля 2021 г. 16:26
This week, we have a detailed write-up on finding credit card numbers leaking from a GraphQL API, a lab walkthrough on hacking JSON web tokens (JWT) through SQL injection, and HackerOne’s new Capture The Flag (CFT) API Security challenge. On the reso...... читать далее
xml api apis api security graphql cybersecuity newsletter jwtБезопасность • DZone Security • 15 июля 2021 г. 14:18
This week, we take a look at the recently reported API vulnerabilities at Coursera and in one of the Huawei home gateways. We also learn about rate-limiting for GraphQL APIs and GraphQL discovery using its autocorrect feature. Vulnerability: Coursera...... читать далее
api apis api security graphql cybersecuity newsletter penetration testing