In this blog, you will learn how to get started with jOOQ, Liquibase, and Testcontainers. You will create a basic Spring Boot application and integrate the aforementioned techniques including a test setup. Furthermore, you will use Spring Boot Docker Compose…
Tag: DZone Security Zone
Enhanced API Security: Fine-Grained Access Control Using OPA and Kong Gateway
Kong Gateway is an open-source API gateway that ensures only the right requests get in while managing security, rate limiting, logging, and more. OPA (Open Policy Agent) is an open-source policy engine that takes control of your security and access…
Understanding the Dependency Injection Lifecycle: Singleton, Scoped, and Transient With Detailed Examples
Developers may be aware of the lifecycle of service instances when using dependency injection, but many don’t fully grasp how it works. You can find numerous articles online that clarify these concepts, but they often just reiterate definitions that you…
Top 6 Cybersecurity Threat Detection Use Cases: How AI/ML Can Help Detect Advanced and Emerging Threats
AI/ML tools and technologies heavily influence the modern digital landscape by introducing numerous use cases involving AI-based malware detection, preventing social engineering attacks, and threat identification and remediation. Many organizations have acknowledged AI/ML’s prominence in the cybersecurity threat landscape and…
AWS LetsEncrypt Lambda or Why I Wrote a Custom TLS Provider for AWS Using OpenTofu and Go
These days, it’s challenging to imagine systems that have public API endpoints without TLS certificate protection. There are several ways to issue certificates: paid wildcard certificates that can be bought from any big TLS provider; paid root certificates that sign…
Misconfiguration Madness: Thwarting Common Vulnerabilities in the Financial Sector
Ever since people started putting their money into banks and financial institutions, other people have sought to steal those deposits or otherwise fraudulently obtain those protected assets. When someone asked infamous 1920s-era bank robber Willie Sutton why he robbed banks,…
Workarounds for Oracle Restrictions on the Size of Expression Lists
When developing an enterprise system — whether it is a completely new system or simply the addition of a new feature — it is not uncommon to need to retrieve a significant volume of records (a few hundred or even…
Using AWS WAF Efficiently To Secure Your CDN, Load Balancers, and API Servers
The introduction of software has made remarkable changes to how business is conducted. “Back then,” people would meet in person, and most companies used manual methods, which were not scalable. Software has changed the game, and web applications are essential…
Guarding Kubernetes From the Threat Landscape: Effective Practices for Container Security
Editor’s Note: The following is an article written for and published in DZone’s 2024 Trend Report, Kubernetes in the Enterprise: Once Decade-Defining, Now Forging a Future in the SDLC. Kubernetes is driving the future of cloud computing, but its security challenges…
Network Sniffing: A Critical Concept in Network Security
What Is Network Sniffing? Sniffing includes the passive interception of data packets crossing a network with further analysis. Initially, sniffing was developed to help network administrators troubleshoot connectivity problems, and since then, it has evolved into an important technique of…