days
0
-10
-7
hours
-1
-3
minutes
-5
-6
seconds
-3
-7
search

#security

Keeping secrets under lock and key

HashiCorp Vault 1.3 adds new debugging command & more

HashiCorp Vault is focused on security, secret keeping, data encryption, and identity management. It keeps all your sensitive data, including API keys, passwords, and certificates, under wraps. Version 1.3 has now released to the public. Check out all the new updates made to HashiCorp vault, including some beta improvements, a new debug CLI command, and two new features just for Vault Enterprise.

Spinning order out of chaos

Is chaos engineering the key to lockdown cybersecurity?

The practice of chaos engineering can help unearth security problems that ordinarily, you would never discover. By utilizing chaos engineering best practices, your teams can keep up with how a potential hacker might infiltrate your network and gain a better understanding of the weaknesses in your infrastructure and what security measures to take.

Is your IoT fish tank secure?

Are there any real security threats to sensor-generated data?

IoT devices can be a weak leak and expose data to hackers. Businesses should be aware of the risks that can occur if attackers get their hands on data, and keep up with security updates and testing. How can hackers compromise sensor-generated data, and what are the best practices for IoT device security?

Keeping up with security

How AI assists in threat analytics and ensures better cybersecurity

As technology advances, users should keep up and evolve their security to stay one step ahead of hackers. AI software helps in threat analytics and ensures better cybersecurity and machine learning can help detect threats earlier. In this article, find out how AI can be used to help with security, and why it is perfect for the job.

Preventing man-in-the-middle attacks

TLS certificate pinning on mobile apps to secure from MiTM attacks

Mobile security has become more important than ever, especially as many employers adopt Bring Your Own Device for remote and in-house employees. What is TLS certificate pinning? Find out all about it and how to implement TLS pinning on Android and iOS apps and prevent man-in-the-middle (MiTM) attacks on mobile apps.

It's just a shift to the left, and a shift to the right

Securing containers throughout the entire build-ship-run lifecycle means shifting left and right

Security is no joke, especially as more and more companies are moving to cloud-based container setups. The stakes are high, and the price of a security breach can be catastrophic. CEO of NeuVector Fei Huang shares his thoughts about why DevSecOps matters and how to shift left and right to ensure security is considered all through the lifecycle, not just at deployment.

There is indeed some catching up to do!

Enterprise security must catch up with API innovation

When it comes to API security, even companies with world-class security teams like Facebook and Google are getting caught off guard. In this article, Bernard Harguindeguy offers 12 must-have best practices for protecting API infrastructure from hacking and abuses.

Keeping your data safe

From data to decision-making: Data security in 2019

In this article, Ralf Huuck goes over his predictions for how the field of data security will shake out in the new year. What’s in store for 2019? Hopefully, more standardization within the field and less data breaches overall.

Security profiles for Java, JavaScript, Python and PHP

Which programming language is the most secure? High security vulnerabilities for Java have declined since 2015

Time to put languages to the test. Which programming languages are the most secure and which have dents in their armor? A report from WhiteSource examined security vulnerabilities in some of the most popular programming languages and looked at the trends of high security vulnerabilities over the years.

This is a security 101

Audit API security based on their OpenAPI contract

According to Gartner, by 2022 API abuse will be the most frequented attack vector on the enterprises. In this tutorial, Dmitry Sotnikov shows how you can use your API contract file to locate and remediate some of the common API vulnerabilities.