Security Resources

GitHub Copilot Security and Privacy Concerns: Understanding the Risks and Best Practices

Worried about GitHub Copilot’s security and privacy concerns? Learn about potential risks and best practices while leveraging AI.

October 17, 2024

by Dwayne McDaniel

· 4,780 Views · 3 Likes

Acting Like We Care About Security

The final part of a 3-post series on why it's so hard for folks to care about security, and suggestions on ways to get them to start.

October 15, 2024

by Leon Adato

· 3,966 Views · 1 Like

Data at Rest Encryption: Protecting Stored Data

Discover different methods of data at rest encryption, including symmetric, asymmetric, and full-disk, to protect stored data from unauthorized access.

October 15, 2024

by Michael Chukwube

· 4,123 Views · 1 Like

Oracle CloudWorld 2024: Key Takeaways for Developers, Engineers and Architects

Oracle CloudWorld 2024 unveils AI innovations, multi-cloud strategies, and industry solutions. Learn how these advancements will empower developers and engineers.

October 15, 2024

by Tom Smith

CORE

· 4,433 Views · 1 Like

Decoding DORA: EU's Unified Approach to ICT Risk Governance

The Digital Operational Resilience Act (DORA) aims to establish a unified framework for managing ICT risks in the EU financial sector.

October 14, 2024

by Manjit Chakraborty

· 3,182 Views · 1 Like

How to Set up OAuth JWT Flow and mTLS in the Salesforce Connector for a MuleSoft App

Walk through the required steps to set up mutual TLS between the Mule app and the Salesforce Connected App we created in the first post of this series.

October 14, 2024

by GONZALO MARCOS

· 3,192 Views · 1 Like

What We Learned About Secrets Security at AppSec Village at DEF CON 32

Learn about DEF CON 32: AppSec Village, exploring secrets security challenges, common questions, and how to detect and handle hidden credentials effectively.

October 14, 2024

by Dwayne McDaniel

· 3,839 Views · 2 Likes

An Overview of TCPCopy for Beginners

In this article, learn more about TCPCopy, an open-source replay tool project, its underlying principles, and its architecture.

October 11, 2024

by Bin Wang

· 5,498 Views · 4 Likes

Network Guardians: Crafting a Spring Boot-Driven Anomaly Detection System

This article series will take you through the process of developing a network anomaly detection system using the Spring Boot framework in a robust manner.

October 11, 2024

by Sreejith Sreekandan Nair

· 4,958 Views · 3 Likes

The Importance of Verifying Your GitHub Environment’s Security Controls

Source code, being the most valuable asset of an organization, demands strong, reliable protection to safeguard it from potential threats.

October 9, 2024

by Daria Kulikova

· 6,306 Views · 2 Likes

Starting to Care About Security

IT practitioners get leaders to care about security by putting things in business (not technical) terms and using data to make their case.

October 8, 2024

by Leon Adato

· 3,951 Views · 1 Like

Security at the Onset: Stabilizing CSPM and DevSecOps

Proactively integrating CSPM with DevSecOps strengthens security by continuously monitoring and addressing vulnerabilities from development to deployment.

October 8, 2024

by Josephine Eskaline Joyce

CORE

· 5,627 Views · 4 Likes

Secret Management and Rotation

Learn about automating KMS key rotation for asymmetric keys to raise the security bar by replacing keys at an interval.

October 8, 2024

by Pranav Kumar Chaudhary

· 3,833 Views · 2 Likes

Integrate Spring Boot With jOOQ, Liquibase, and Testcontainers

Get started with jOOQ, Liquibase, and Testcontainers: Create a basic Spring Boot application and integrate the aforementioned techniques including a test setup.

October 7, 2024

by Gunter Rotsaert

CORE

· 4,987 Views · 1 Like

Enhanced API Security: Fine-Grained Access Control Using OPA and Kong Gateway

Kong secures APIs and OPA handles policy decisions. This custom plugin caches user data, minimizing database checks and ensuring fast, accurate access control.

October 4, 2024

by Amrutha Paladugu

· 4,947 Views · 4 Likes

Understanding the Dependency Injection Lifecycle: Singleton, Scoped, and Transient With Detailed Examples

This article will help you gain a solid understanding of the lifecycle of singleton, scoped, and transient services when implementing dependency injection.

October 3, 2024

by Rishi Mohan

· 5,360 Views · 5 Likes

Top 6 Cybersecurity Threat Detection Use Cases: How AI/ML Can Help Detect Advanced and Emerging Threats

Learn how to get started to design and build AI/ML solutions that are capable of revolutionizing the cybersecurity threat detection landscape.

October 2, 2024

by Mayank Singhi

· 3,206 Views · 2 Likes

AWS LetsEncrypt Lambda or Why I Wrote a Custom TLS Provider for AWS Using OpenTofu and Go

LetsEncrypt Lambda helps to manage TLS certificates. Compared to Certificate Manager it provides certs that can be used at non-only AWS services like EC2 Nginx.

October 2, 2024

by Alexander Sharov

· 6,664 Views · 2 Likes

Misconfiguration Madness: Thwarting Common Vulnerabilities in the Financial Sector

Financial services are among the most attacked sectors of any industry, making it critical that developers operate at the highest level to produce secure code.

October 2, 2024

by Matias Madou

· 3,533 Views · 1 Like

Workarounds for Oracle Restrictions on the Size of Expression Lists

Learn five strategies to workaround ORA-01795 and ORA-00913 errors and explore a comparative analysis of their performance.

October 1, 2024

by Thiago Nascimento

CORE

· 6,083 Views · 3 Likes

The Latest Security Topics