Kubernetes has become the de facto standard for orchestrating containerized applications. As organizations increasingly embrace cloud-native architectures, ensuring observability, security, policy enforcement, progressive delivery, and autoscaling is like ensuring your spaceship has enough fuel, oxygen, and a backup plan before…
Category: DZone Security Zone
Essential Cybersecurity Practices for Non-Profits
With an ever connected and globalized world, it is not surprising that cybersecurity attacks are on the rise. The repercussions of persistent cybersecurity attacks touch all types of organizations regardless of scale, from huge international companies to small local non-profits…
How to Master a DevSecOps Pipeline that Devs and AppSec Love
When you became a developer, you didn’t imagine you’d be spending a big chunk of your time parsing vulnerability reports, getting stuck in security review cycles, or rerunning CI jobs because the pipeline flagged a dozen “critical issues,” half of…
Secure DevOps in Serverless Architecture
Serverless computing, app development, and deployment have been completely revolutionized by its unparalleled scalability and cost efficiency. Infrastructure management abstraction, which is provided by serverless platforms like AWS Lambda, Google Cloud Functions, and Azure Functions, allows developers to concentrate on…
How to Achieve SOC 2 Compliance in AWS Cloud Environments
Did you know cloud security was one of the most evident challenges of using cloud solutions in 2023? As businesses increasingly depend on Cloud services like Amazon Web Services (AWS) to host their applications, securing sensitive data in the Cloud…
Why 99% Accuracy Isn’t Good Enough: The Reality of ML Malware Detection
The threat of malware in enterprises is evolving each year. As enterprises expand their digital footprint through remote work and cloud adoption, their attack surface increases, making them more vulnerable to targeted malware campaigns. FBI’s 2023 Internet Crime Report showed…
Mastering Kubernetes Observability: Boost Performance, Security, and Stability With Tracestore, OPA, Flagger, and Custom Metrics
In modern microservices architectures, achieving comprehensive observability is not just an option—it’s a necessity. As applications scale dynamically within Kubernetes environments, tracking performance issues, enforcing security policies, and ensuring smooth deployments become complex challenges. Traditional monitoring solutions alone cannot fully…
Understanding the Fundamentals of Cryptography
Cybersecurity encompasses multiple different domains, including network isolation, platform security and infrastructure security. However, one thing that we less frequently discuss, but use more than often is cryptography. Whether it’s HTTPS, data encryption in databases, disk encryption, or technologies like…
How Security Engineers Can Help Build a Strong Security Culture
In today’s fast-paced world, organizations face increasing cyber threats that can compromise their operational integrity, erode customer trust, and jeopardize financial stability. While it’s crucial to have advanced security technologies in place, many organizations overlook the importance of cultivating a…
Evaluating Similariy Digests: A Study of TLSH, ssdeep, and sdhash Against Common File Modifications
The field of digital forensics often uses signatures to identify malicious executables. These signatures can take various forms: cryptographic hashes can be used to uniquely identify executables, whereas tools like YARA can help malware researchers identify and classify malware samples.…