In this article, I aim to discuss modern approaches used to reduce the time required to establish a data transmission channel between two nodes. I will be examining both plain TCP and TLS-over-TCP. What Is a Handshake? First, let’s define…
Category: DZone Security Zone
How Federal Agencies Are Achieving Zero Trust With Automation
“Never trust, always verify.” This key principle has been ingrained into the cybersecurity lexicon since Forrester first popularized the concept of zero trust in 2009. Since then, zero trust has emerged as one of the most important frameworks in modern…
Implement Hibernate Second-Level Cache With NCache
In this tutorial, we’ll explore implementing a second-level cache in Hibernate using NCache. We’ll set up a Java application with Hibernate. Then we’ll configure NCache as the second-level cache. Finally, we’ll test the implementation to see how caching reduces the…
How to Implement Client-Side Load Balancing With Spring Cloud
It is common for microservice systems to run more than one instance of each service. This is needed to enforce resiliency. It is therefore important to distribute the load between those instances. The component that does this is the load…
How to Secure Your Raspberry Pi and Enable Safe, Resilient Updates
The venerable Raspberry Pi has been around for over a decade (officially created in 2009) and it has become a standard in many robotics, home automation, and other types of uses, especially for “makers” and other tinkerers. But it has…
How To Secure Your Raspberry Pi and Enable Safe, Resilient Updates
The venerable Raspberry Pi has been around for over a decade (officially created in 2009) and it has become a standard in many robotics, home automation, and other types of uses, especially for “makers” and other tinkerers. But it has…
Securing Cloud-Native Applications: A CISO’s Perspective on Broken Access Control
When we talk about security in cloud-native applications, broken access control remains one of the most dangerous vulnerabilities. The OWASP Top 10 lists it as the most prevalent security risk today, and for good reason: the impact of mismanaged permissions…
Secure Golden Images: A Blueprint for Vulnerability Management
In environments with AWS Cloud workloads, a proactive approach to vulnerability management involves shifting from traditional patching to regularly deploying updated Secure Golden Images. This approach is well-suited to a modern Continuous Integration and Continuous Delivery (CI/CD) environment, where the…
GitHub Copilot Security and Privacy Concerns: Understanding the Risks and Best Practices
AI-powered code completion tools like GitHub Copilot, co-developed by GitHub and OpenAI, likely need no introduction. Developers are rapidly embracing this evolving technology to aid them in their work. Copilot and other Large Language Model (LLM) based coding assistants suggest…
Acting Like We Care About Security
This will be my last entry on the topic for a while. For context, I introduced the idea that folks don’t care about security, they care about outcomes in this post; and then I began exploring ways we, as IT…