security

The Evolution of Cloud-Native Authorization

Authentication in the Age of SaaS and Cloud: Let's start with the differences between authentication and authorization. People tend to lump these concepts together as auth, but they're two distinct processes. Authentication describes the process of finding out that you...

GraphQL vs REST – DZone

Modern applications allow us to get connected to the world like never before. However, how is this structure so effective in providing a robust connection between different applications and data sharing between different devices? API (Application Programming...

Remote Debugging Dangers and Pitfalls

This is the last part of the debugging series. To learn the rest, you’ll need to get the book “Practical Debugging at Scale: Cloud Native Debugging in Kubernetes and Production” or the course. One of the most frequently asked questions I receive is: can we do these...

The Data Leakage Nightmare in AI

Nowadays, we think of artificial intelligence as the solution to many problems and as a tool that can help humanity achieve huge things faster and with less effort. Of course, those thoughts are not far from being true, but it is really important to be aware of the...

Should You Create Your Own E-Signature API?

Is it worth coding your own e-signature API, or is purchasing a ready-made solution a better option? Electronic signatures have become a popular way to verify one’s identity without signing printed forms. They have many benefits over written signatures, such as higher...

Jobs in Information Security (InfoSec)

Almost all of the people who respond to my #CyberMentoringMonday tweets each week say that they want to “get into InfoSec” or “become a Penetration Tester;” they rarely choose any other jobs or are more specific than that. I believe the reason for this is that they...

Surviving the Incident – DZone

This is an article from DZone's 2022 Enterprise Application Security Trend Report. For more: Read the Report. A wave of cyber incidents in recent years, such as the SolarWinds supply chain attack, Accellion data breach, Exchange Server, and Log4j vulnerabilities, have...