Nobody cares about security. There. I said it. I said the thing everyone feels, some people think, but very few have the temerity to say out loud. But before you call me a blasphemous heathen, I will ask for just…
Tag: DZone Security Zone
AI and Technical Debt: Balancing Innovation and Sustainability
As artificial intelligence (AI) continues to revolutionize the tech industry, developers, engineers, and architects face a new challenge: managing the technical debt that comes with rapid AI adoption. Jeff Hollan, Head of Apps and Developer Tools at Snowflake, shares invaluable…
Obfuscation vs Encryption: How To Protect Your .NET Code the Right Way
When working on .NET applications, one main concern is safeguarding your code from unauthorized access, intellectual property theft, and reverse engineering. This can be achieved by implementing data and code protection techniques to protect the application. There are two main…
Setting Up Secure Data Lakes for Starlight Financial: A Guide to AWS Implementation
Continuing our series of posts on the fictitious financial company Starlight, here is how to set up a data lake on AWS with security as the primary thought. Introduction: In the fast-moving financial industry, data is a core asset. Starlight Financial…
The Critical Role of Data at Rest Encryption in Cybersecurity
Securing information is crucial as cyber-attacks are getting more sophisticated. Data residing in an unprotected state at rest (databases, stored files, and backups) pose one of the most significant risks. Data at rest encryption is necessary to guarantee that information…
Designing a Secure Architecture for Distributed Systems
Securing distributed systems is a complex challenge due to the diversity and scale of components involved. With multiple services interacting across potentially unsecured networks, the risk of unauthorized access and data breaches increases significantly. This article explores a practical approach…
Modern Authentication on .NET: OpenID Connect, BFF, SPA
As web technologies continue to advance, so do the methods and protocols designed to secure them. The OAuth 2.0 and OpenID Connect protocols have significantly evolved in response to emerging security threats and the growing complexity of web applications. Traditional…
Uncovering a Prototype Pollution Regression in the Core Node.js Project
As a Node.js developer and security researcher, I recently stumbled upon an interesting security regression in the Node.js core project related to prototype pollution. This happened to be found while I was conducting independent security research for my Node.js…
Optimizing Data Management for AI Success: Industry Insights and Best Practices
As artificial intelligence (AI) continues transforming industries, organizations face increasing challenges in managing and utilizing data for AI initiatives. Recent industry surveys and expert insights highlight the critical role of effective data management in AI success. This article explores key…
8 Practices Software Engineers Should Adopt and Champion for Cybersecurity
The Importance of Cybersecurity: I firmly believe that in today’s cybersecurity expectations, software engineers should prioritize the security of their computer systems and internal IT networks. I would consider it to be a mistake to rely heavily on technology due…