Kubernetes is not new and has been a de-facto standard of deployments and CI/CD at most companies for a while. The goal of this article is to make you familiar with all the terms and jargon that Kubernetes experts use,…
Tag: DZone Security Zone
Building Secure Containers: Reducing Vulnerabilities With Clean Base Images
In today’s fast-paced development environment, containerized applications have become the go-to solution for many organizations. They offer scalability, portability, and efficiency. However, containerized environments also bring their own set of challenges, particularly when it comes to security vulnerabilities. One of…
Data Governance Essentials: Glossaries, Catalogs, and Lineage (Part 5)
What Is Data Governance, and How Do Glossaries, Catalogs, and Lineage Strengthen It? Data governance is a framework that is developed through the collaboration of individuals with various roles and responsibilities. This framework aims to establish processes, policies, procedures, standards,…
4 Essential Strategies for Enhancing Your Application Security Posture
The rapidly evolving cybersecurity landscape presents an array of challenges for businesses of all sizes across all industries. The constant emergence of new cyber threats, including those now powered by AI, is overwhelming current security models. A 2023 study by…
Compliance Automated Standard Solution (COMPASS), Part 7: Compliance-to-Policy for IT Operation Policies Using Auditree
(Note: A list of links for all articles in this series can be found at the conclusion of this article.) In Part 4 of this multi-part series on continuous compliance, we presented designs for Compliance Policy Administration Centers (CPAC) which…
Unifying SecOps and Observability for Enhanced Cloud Security in Azure
As someone who has worked in various areas of Azure for almost a decade, I have witnessed its constant evolution and the rise of increasingly sophisticated security risks. This calls for a unified approach to modern cloud security, where integrating…
Advanced CI/CD Pipeline Optimization Techniques Using GitHub Actions
Continuous Integration and Continuous Deployment (CI/CD) pipelines are crucial for modern software development. This article explores advanced techniques to optimize these pipelines, enhancing efficiency and reliability for enterprise-level operations. Parallelization Using Matrix Builds GitHub Actions CI tests using the matrix…
Using AUTHID Parameter in Oracle PL/SQL
In Oracle, the AUTHID clause is a powerful option to manage DB security and access control. It defines who is considered a current user for execution purposes within stored procedures and functions. This article explores the basics of AUTHID, different…
12 Expert Tips for Secure Cloud Deployments
According to the Thales 2024 Cloud Security Study, 31% of cyberattacks prioritize SaaS applications, followed closely by 30% targeting cloud storage and 26% aimed at cloud management infrastructure. Cloud resources have become the prime targets for hackers — no surprise,…
Accelerating Connection Handshakes in Trusted Network Environments
In this article, I aim to discuss modern approaches used to reduce the time required to establish a data transmission channel between two nodes. I will be examining both plain TCP and TLS-over-TCP. What Is a Handshake? First, let’s define…