Honeypots are the digital traps used by cybersecurity professionals to lure in attackers. These traps imitate real systems and services, such as web servers or IoT devices, to appear as genuine targets. The goal of a honeypot is to deceive…
Category: DZone Security Zone
Understanding Properties of Zero Trust Networks
Zero Trust is a well-known but ‘hard-to-implement’ paradigm in computer network security. As the name suggests, Zero Trust is a set of core system design principles and concepts that seek to eliminate the practice of implicit trust-based security. The core…
Outsmarting Cyber Threats: How Large Language Models Can Revolutionize Email Security
Email remains one of the most common vectors for cyber attacks, including phishing, malware distribution, and social engineering. Traditional methods of email security have been effective to some extent, but the increasing sophistication of attackers demands more advanced solutions. This…
Integration Testing With Keycloak, Spring Security, Spring Boot, and Spock Framework
In today’s security landscape, OAuth2 has become a standard for securing APIs, providing a more robust and flexible approach than basic authentication. My journey into this domain began with a critical solution architecture decision: migrating from basic authentication to OAuth2…
OpenID Connect Flows: From Implicit to Authorization Code With PKCE and BFF
This article will review the principles behind various OpenID Connect (OIDC) authentication flows, from the simplest to the most modern, highlighting the vulnerabilities present in each. We will explore each of the following OpenID Connect flows in detail: This article…
How To Plan a (Successful) MuleSoft VPN Migration (Part II)
In this second post, we’ll be reviewing more topics that you should take into consideration if you’re planning a VPN migration. If you missed the first part, you can start from there.
How To Plan a (Successful) MuleSoft VPN Migration (Part I)
You might need to migrate your MuleSoft legacy VPNs to Anypoint VPN. You might be changing your routing from static to dynamic. Or maybe you’re moving to CloudHub 2.0. It doesn’t matter; you need to migrate your VPN. A VPN…
Data Governance: Data Integration (Part 4)
What Is Data Governance? Data governance is a framework that is developed through the collaboration of individuals with various roles and responsibilities. This framework aims to establish processes, policies, procedures, standards, and metrics that help organizations achieve their goals. These…
Shortened Links, Big Risks: Unveiling Security Flaws in URL Shortening Services
In today’s digital age, URL-shortening services like TinyURL and bit.ly are essential for converting lengthy URLs into short, manageable links. While many blogs focus on how to build such systems, they often overlook the security aspects. Here, we have threat-modeled…
The XZ Utils Backdoor in Linux: A Symptom of Ailing Security in the Software Supply Chain
The cybersecurity industry was once again placed on high alert following the discovery of an insidious software supply chain compromise. The vulnerability, affecting the XZ Utils data compression library that ships with major Linux distributions, is logged under CVE-2024-3094 and…