AWS API Gateway is a managed service to create, publish, and manage APIs. It serves as a bridge between your applications and backend services. When creating APIs for our backend services, we tend to open it up using public IPs.…
Tag: DZone Security Zone
While Performing Dependency Selection, I Avoid the Loss Of Sleep From Node.js Libraries’ Dangers
Running “npm install” requires trusting unknown parties online. Staring at node_modules for too long leads someone to become a node_modules expert. We Should Have Solved This Issue By 2025 The registry expands relentlessly at the rate of one new library…
Optimize Deployment Pipelines for Speed, Security and Seamless Automation
A developer’s work doesn’t stop once the code is written. The real action begins when it’s deployment day. The process—managing multiple environments, testing new features, or ensuring seamless uptime during releases—must be fast, secure, and efficient. Can you imagine a…
Zero Trust for AWS NLBs: Why It Matters and How to Do It
Introduction to AWS Network Load Balancer AWS has several critical services that drive the internet. If you have ever built any application on top of AWS and need a high throughput or volume of traffic, the chances are that you’ve…
Integrating Security as Code: A Necessity for DevSecOps
Security practices in DevOps have evolved from being a minor concern to one of the main focus points, which resulted in the DevSecOps movement. It’s about “shifting security to the left” in the software development lifecycle — so the security…
GDPR Compliance With .NET: Securing Data the Right Way
When developers hear the term GDPR, the initial reaction often involves stress and uncertainty, especially around how it might slow down development or degrade application performance. But here’s the truth: GDPR isn’t just another regulation to check off your list.…
The Transformative Power of Artificial Intelligence in Cloud Security
Cloud computing has reshaped how businesses operate, offering unmatched scalability, flexibility, and cost-efficiency. However, as organizations continue to shift critical operations to the cloud, they face escalating cybersecurity challenges. Traditional security systems often struggle to protect complex, interconnected cloud environments…
Why I Started Using Dependency Injection in Python
When I first started building real-world projects in Python, I was excited just to get things working. I had classes calling other classes, services spun up inside constructors, and everything somehow held together. But deep down, I knew something was…
Software Bill of Materials (SBOM): Enhancing Software Transparency and Security
Abstract This article explores the concept of a Software Bill of Materials (SBOM) as an essential tool in modern software development and cybersecurity frameworks. The SBOM acts as a detailed inventory of all software components, dependencies, and associated metadata within…
Zero Trust Isn’t Just for Networks: Applying Zero-Trust Principles to CI/CD Pipelines
Zero trust has emerged as a cornerstone of modern enterprise security. It is mainly applied to networks, user identities, and endpoints of most organizations. However, the single layer left undersecured is the CI/CD pipeline. These systems orchestrate code validation for…