Series reminder: This series explores how explainability in AI helps build trust, ensure accountability, and align with real-world needs, from foundational principles to practical use cases. Previously, in Part VII: SHAP: Bringing Clarity to Financial Decision-Making. This article has been indexed from…
Tag: DZone Security Zone
Cloud Automation Excellence: Terraform, Ansible, and Nomad for Enterprise Architecture
Enterprise cloud architecture demands sophisticated orchestration of infrastructure, configuration, and workload management across diverse computing platforms. The traditional approach of manual provisioning and siloed tool adoption has become a bottleneck for organizations seeking cloud-native agility while maintaining operational excellence. This…
The Role of Data Governance in Data Strategy: Part 4
In the previous articles of this series, we explored the importance of data governance in managing enterprise data effectively (Part 1), how BigID supports data governance, particularly for data privacy, security, and classification (Part 2), and the role of Data…
CI/CD in the Age of Supply Chain Attacks: How to Secure Every Commit
The digital infrastructure we’ve built resembles a house of cards. One compromised dependency, one malicious commit, one overlooked vulnerability and the entire edifice comes tumbling down. In March 2024, security researchers discovered something terrifying: a backdoor lurking within XZ Utils,…
Container Security Essentials: From Images to Runtime Protection
Container security is all about making sure you run an image that is exceptionally low in vulnerability and malware. I would love to say having zero vulnerabilities, but it is rarely possible in the real world. In the worst case,…
Why Zero Trust Is Not a Product but a Strategy You Can’t Ignore in 2025
“We recently purchased a Zero Trust solution.” A statement like that makes even the most seasoned security experts cringe. Zero Trust is a ubiquitous notion in 2025, appearing in product packaging, seminars, and sales presentations. However, the fundamental idea is…
Stop Leaking Secrets: The Hidden Danger in Test Automation and How Vault Can Fix It
Modern automation frameworks have come a long way—Playwright, Cypress, RestAssured, Cucumber, and Selenium enable teams to run sophisticated end-to-end validations across browsers and services. But under all that progress lies a risk that’s still alarmingly common: secrets hardcoded into test…
Technical Deep Dive: Scaling GenAI-Enhanced SBOM Analysis from Trivy Fix to Enterprise DevSecOps
This article demonstrates how a critical Trivy SBOM generation fix (PR #9224) can be scaled into an enterprise GenAI-powered platform, delivering comprehensive DevSecOps automation and millions in cost savings. We will explore the technical implementation from core dependency resolution improvements…
Prototype for a Java Database Application With REST and Security
Many times, while developing at work, I needed a template for a simple application from which to start adding specific code for the project at hand. In this article, I will create a simple Java application that connects to a…
How to Use ALB as a Firewall in IBM Cloud
Do you have a use case where you want to implement a network firewall in IBM Cloud VPC that filters traffic based on hostname? For example, you may want to allow connections only to www.microsoft.com and www.apple.com, while blocking access…