Security Resources

How to Set up OAuth JWT Flow and mTLS in the Salesforce Connector for a MuleSoft App

Walk through the required steps to set up mutual TLS between the Mule app and the Salesforce Connected App we created in the first post of this series.

October 14, 2024

by GONZALO MARCOS

· 3,929 Views · 1 Like

What We Learned About Secrets Security at AppSec Village at DEF CON 32

Learn about DEF CON 32: AppSec Village, exploring secrets security challenges, common questions, and how to detect and handle hidden credentials effectively.

October 14, 2024

by Dwayne McDaniel

· 4,168 Views · 2 Likes

An Overview of TCPCopy for Beginners

In this article, learn more about TCPCopy, an open-source replay tool project, its underlying principles, and its architecture.

October 11, 2024

by Bin Wang

· 6,138 Views · 5 Likes

Network Guardians: Crafting a Spring Boot-Driven Anomaly Detection System

This article series will take you through the process of developing a network anomaly detection system using the Spring Boot framework in a robust manner.

October 11, 2024

by Sreejith Sreekandan Nair

· 5,485 Views · 4 Likes

The Importance of Verifying Your GitHub Environment’s Security Controls

Source code, being the most valuable asset of an organization, demands strong, reliable protection to safeguard it from potential threats.

October 9, 2024

by Daria Kulikova

· 6,525 Views · 3 Likes

Starting to Care About Security

IT practitioners get leaders to care about security by putting things in business (not technical) terms and using data to make their case.

October 8, 2024

by Leon Adato

· 4,180 Views · 1 Like

Security at the Onset: Stabilizing CSPM and DevSecOps

Proactively integrating CSPM with DevSecOps strengthens security by continuously monitoring and addressing vulnerabilities from development to deployment.

October 8, 2024

by Josephine Eskaline Joyce

CORE

· 5,872 Views · 4 Likes

Secret Management and Rotation

Learn about automating KMS key rotation for asymmetric keys to raise the security bar by replacing keys at an interval.

October 8, 2024

by Pranav Kumar Chaudhary

· 4,075 Views · 2 Likes

Integrate Spring Boot With jOOQ, Liquibase, and Testcontainers

Get started with jOOQ, Liquibase, and Testcontainers: Create a basic Spring Boot application and integrate the aforementioned techniques including a test setup.

October 7, 2024

by Gunter Rotsaert

CORE

· 5,293 Views · 1 Like

Enhanced API Security: Fine-Grained Access Control Using OPA and Kong Gateway

Kong secures APIs and OPA handles policy decisions. This custom plugin caches user data, minimizing database checks and ensuring fast, accurate access control.

October 4, 2024

by Amrutha Paladugu

· 5,479 Views · 4 Likes

Understanding the Dependency Injection Lifecycle: Singleton, Scoped, and Transient With Detailed Examples

This article will help you gain a solid understanding of the lifecycle of singleton, scoped, and transient services when implementing dependency injection.

October 3, 2024

by Rishi Mohan

· 5,959 Views · 5 Likes

Top 6 Cybersecurity Threat Detection Use Cases: How AI/ML Can Help Detect Advanced and Emerging Threats

Learn how to get started to design and build AI/ML solutions that are capable of revolutionizing the cybersecurity threat detection landscape.

October 2, 2024

by Mayank Singhi

· 3,495 Views · 2 Likes

AWS LetsEncrypt Lambda or Why I Wrote a Custom TLS Provider for AWS Using OpenTofu and Go

LetsEncrypt Lambda helps to manage TLS certificates. Compared to Certificate Manager it provides certs that can be used at non-only AWS services like EC2 Nginx.

October 2, 2024

by Alexander Sharov

· 6,921 Views · 3 Likes

Misconfiguration Madness: Thwarting Common Vulnerabilities in the Financial Sector

Financial services are among the most attacked sectors of any industry, making it critical that developers operate at the highest level to produce secure code.

October 2, 2024

by Matias Madou

· 3,708 Views · 2 Likes

Workarounds for Oracle Restrictions on the Size of Expression Lists

Learn five strategies to workaround ORA-01795 and ORA-00913 errors and explore a comparative analysis of their performance.

October 1, 2024

by Thiago Nascimento

CORE

· 6,439 Views · 4 Likes

Using AWS WAF Efficiently to Secure Your CDN, Load Balancers, and API Servers

When securing your cloud architecture, performance and efficiency are incredibly important. Learn more about how to strike a fine balance.

October 1, 2024

by Manish Sinha

· 5,141 Views · 2 Likes

Guarding Kubernetes From the Threat Landscape: Effective Practices for Container Security

As organizations increasingly rely on Kubernetes for critical workloads, it is important to keep your containerized systems secure and understand threats they face.

October 1, 2024

by Gal Cohen

· 6,065 Views · 3 Likes