You are going to encounter a number of issues as a Python developer. Mastering the syntax of coding isn’t enough to write functioning, stable applications. You also have to familiarize yourself with different challenges the final application might deal with, including...
security
Should You Create Your Own E-Signature API?
Is it worth coding your own e-signature API, or is purchasing a ready-made solution a better option? Electronic signatures have become a popular way to verify one’s identity without signing printed forms. They have many benefits over written signatures, such as higher...
How I Discovered My Security Practices Are Pretty Bad
I have a confession to make. As a software developer, I never thought much about security. It was about as important to me as the daily weather on Pluto. Admittedly, my work was mostly deployed in lab environments, but I never did much to look for CVEs, attack paths,...
Jobs in Information Security (InfoSec)
Almost all of the people who respond to my #CyberMentoringMonday tweets each week say that they want to “get into InfoSec” or “become a Penetration Tester;” they rarely choose any other jobs or are more specific than that. I believe the reason for this is that they...
Compliance Automated Standard Solution (COMPASS), Part 4: Topologies of Compliance Policy Administration Centers
In the last post of this multi-part series, we introduced methodologies and technologies for the various compliance personas to collaboratively author compliance artifacts such as regulation catalogs, baselines, profiles, system security plans, etc. These artifacts...
What Is a SOC and How Do SOC Teams Work?
With the growing complexity of IT environments, it is essential to have robust security processes that can safeguard IT environments from cyber threats. This blog will explore how security operation centers (SOCs) help you monitor, identify and prevent cyber and...
Surviving the Incident – DZone
This is an article from DZone's 2022 Enterprise Application Security Trend Report. For more: Read the Report. A wave of cyber incidents in recent years, such as the SolarWinds supply chain attack, Accellion data breach, Exchange Server, and Log4j vulnerabilities, have...
Improve Microservices Security by Applying Zero-Trust Principles
This is an article from DZone's 2022 Enterprise Application Security Trend Report. For more: Read the Report. According to a 2020 Gartner report, it is estimated that by 2023, 75 percent of cybersecurity incidents will result from inadequate management of identities and...
5 Trends That Will Shape Application Security in 2023
The digital transformation and cloud-native movements are driving DevOps practices, and open-source code libraries increase the speed at which applications are developed and delivered. However, security has not always been a top priority in the DevOps journey. In order...
Want to Improve Your Threat Detection?
Today, 94% of organizations are using cloud technology, and this swift evolution to the cloud means security teams are handling more data and more alerts than ever. Additionally, threats and attacks are only increasing in frequency — it’s estimated that a cyber attack...
DDoS Attacks: A Threat to Corporate IT Security
Next to ransomware, which has been at the heart of cybersecurity concerns in recent years, distributed denial of service (DDoS) attacks are an equally crucial cyber threat for companies. The figures speak for themselves: 5.4 million DDoS attacks were recorded...
SSH vs X.509 Certificates – DZone Security
As a developer or systems administrator, you're probably used to SSHing into servers with key pairs. What if I told you there is a better and more secure way to manage SSH access? Think SSH certificates (and no, they’re not the same as TLS certificates). For most...