Security Resources

Secure Private Connectivity Between VMware and Object Storage: An Enterprise Architecture Guide

This guide details how to establish secure private connectivity between VMware and Object Storage using Cloud Service Endpoints.

August 13, 2025

by Vidyasagar (Sarath Chandra) Machupalli FBCS

CORE

· 2,282 Views · 4 Likes

Development of System Configuration Management: Introduction

We replaced open-source SCM with our own. This series shares our experience, lessons, and advice for others facing the same choice.

August 11, 2025

by Georgii Kashintsev

· 1,996 Views · 4 Likes

Data Mesh Security: How to Protect Decentralized Data Architectures

Data mesh decentralizes data ownership, creating new security gaps. This guide covers zero trust, federated governance, and observability to secure modern architectures.

August 11, 2025

by Pranjal Sharma

· 6,182 Views · 8 Likes

Designing Secure APIs: A Developer’s Guide to Authentication, Rate Limiting, and Data Validation

Secure APIs with strong authentication, rate limiting, input validation, and versioning to prevent attacks, manage traffic, and ensure long-term stability.

August 8, 2025

by Surendra Pandey

· 1,897 Views · 3 Likes

Compliance Automated Standard Solution (COMPASS), Part 9: Taking OSCAL-Compass to Industry Complexity Level

In this article, we describe specific use-cases that the Singapore GovTech team encountered on the use of OSCAL and how Trestle was used to support them.

August 7, 2025

by Anca Sailer

· 1,705 Views · 2 Likes

JWT Policy Enforcement, Rate Limiting, IP White Listing: Using Mulesoft, API Security, Cloudhub 2.0

Learn how to enforce JWT policies in API Manager with a RAML project. Secure endpoints using Auth0, plus apply IP whitelisting and rate limiting in Anypoint.

August 7, 2025

by ARINDAM GOSWAMI

· 2,236 Views

Why Developers Should Pay Attention to Internal Directory Security

Most breaches spread from weak internal controls. Developers can spot risks early, limit privilege creep, and help stop attacks before they escalate.

August 4, 2025

by Alex Vakulov

CORE

· 1,930 Views · 1 Like

Self-Managed Keycloak for App Connect Dashboard and Designer Authoring

This tutorial explains how to use your Keycloak instance to manage authentication and authorization for App Connect Dashboard and Designer Authoring.

August 4, 2025

by Shanna Xu

· 2,277 Views · 1 Like

What Developers Need to Know About IP API Privacy in Mobile Apps (2025 Update)

Use IP APIs in mobile geolocation apps safely in 2025. Learn key risks, privacy law tips, and best practices for developers.

July 31, 2025

by Ramesh Chauhan

· 2,746 Views

Set Up OpenID Connect With Keycloak: A Step-by-Step Guide

This blog provides comprehensive guidance on setting up the OpenID Connect Authorization Code Flow using Keycloak with key concepts and prerequisites.

July 31, 2025

by Gunter Rotsaert

CORE

· 2,348 Views · 2 Likes

Bring Your Own Feed (BYOF): An Engineer's Guide to Effective Threat Intelligence

Let’s look at threat intelligence, what it is, why it’s important, and how to “BYOF” — bring your own custom threat intelligence feeds.

July 30, 2025

by John Vester

CORE

· 2,279 Views · 2 Likes

The Developer's Guide to Cloud Security Career Opportunities

The question isn't whether you should consider cloud security — it's how quickly you can position yourself to take advantage of the opportunities.

July 30, 2025

by Philip Piletic

CORE

· 2,275 Views · 2 Likes

Federated Identity: The Modern Approach to Cloud Security and Automation

Long-lived cloud credentials are risky. Federated identity lets workloads use short-lived tokens from a trusted IdP, improving security without storing secrets.

July 29, 2025

by Pradeep Kumar Goud Gaddamidi

· 2,362 Views

Building Secure Transaction APIs for Modern Fintech Systems Using GitHub Copilot

Use GitHub Copilot to build secure fintech APIs faster by adding input validation, rate limiting, and safe error handling, without compromising compliance or trust.

July 29, 2025

by Sibasis Padhi

· 2,730 Views · 3 Likes

Why Most IaC Strategies Still Fail (And How to Fix Them)

Infrastructure as Code offers a compelling vision for solving the chaos of cloud ops, but in practice, many organizations remain tangled in complexity.

July 29, 2025

by Ido Neeman

· 2,031 Views

Implementing Secure Multi-Tenancy in SaaS Applications: A Developer's Checklist

A Practical checklist and technical insights for securely implementing multi-tenancy in SaaS applications. Strategies for data isolation and robust authentication

July 28, 2025

by Shubham Joshi

· 4,495 Views · 2 Likes

Unity Catalog + AI: How Databricks Is Making Data Governance AI-Native in 2025

Data governance from a restrictive practice to an enabling force, facilitating intelligent, secure, and agile data management within enterprises.

July 25, 2025

by Sairamakrishna BuchiReddy Karri

· 3,244 Views · 1 Like

Secure Microservices in Java: Cloud-Native Design With Zero Trust Architecture

Java-based microservices power scalable, cloud-native applications. Address its rising security risks by adopting Zero Trust Architecture.

July 24, 2025

by Venkateswara Gogineni

· 2,683 Views · 1 Like

Why Data Privacy Without Context Will No Longer Work in 2026

Traditional anonymization is no longer enough. Learn why enterprises now need context-aware, entity-level privacy to stay compliant and operational.

July 24, 2025

by Mouli Srini

· 2,006 Views · 3 Likes

Building a Modern Data Platform That Delivers Real Business Value

Data modernization transforms how organizations manage and use data by aligning cloud-native tech, governance, and culture to drive value and agility.

July 23, 2025

by Amlan Patnaik

· 2,195 Views · 2 Likes

The Latest Security Topics