A primer on GCP Compute Instance VMs for dockerized Apps [Tutorial Part 8]

vom 24.04.2023 um 14:14 Uhr 911.58 Punkte
Getting started with the Google Cloud Platform (GCP) to run Virtual Machines (VMs) and prepare them to run dockerized applications. This article appeared first on https://www.pascallandau.com/ at A primer on GCP Compute Instance VMs for dockerized A

Shhhh... Kubernetes Secrets Are Not Really Secret!

vom 15.12.2022 um 12:46 Uhr 756.6 Punkte
Originally published at auth0.com Kubernetes has become an inevitable part of the modern software infrastructure. Hence managing sensitive data on Kubernetes is also an essential aspect of modern software engineering so that you can put the security ba

Global internet health check and network outage report

vom 01.11.2023 um 22:54 Uhr 619.26 Punkte
The reliability of services delivered by ISPs, cloud providers and conferencing services (such as unified communications-as-a-service) is critical for enterprise organizations. ThousandEyes monitors how providers are handling any performance challenges

CI Pipelines for dockerized PHP Apps with Github & Gitlab [Tutorial Part 7]

vom 17.04.2023 um 09:17 Uhr 481.03 Punkte
How to setup CI (Continuous Integration) pipelines for dockerized PHP applications with Github Actions and Gitlab Pipelines This article appeared first on https://www.pascallandau.com/ at CI Pipelines for dockerized PHP Apps with Github & Gitlab [Tutorial Part 7] In the seventh part of this tutorial series on develop

mTLS everywhere!

vom 23.03.2023 um 09:24 Uhr 468.76 Punkte
Security in one's information system has always been among the most critical Non-Functional Requirements. Transport Secure Layer, aka TLS, formerly SSL, is among its many pillars. In this post, I'll show how to configure TLS for the Apache APISIX API Gateway. TLS in a few words

2022 Top Routinely Exploited Vulnerabilities

vom 02.08.2023 um 20:57 Uhr 441.04 Punkte
SUMMARY The following cybersecurity agencies coauthored this joint Cybersecurity Advisory (CSA): United States: The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) Australia:

NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations

vom 02.10.2023 um 21:42 Uhr 421.25 Punkte
A plea for network defenders and software manufacturers to fix common problems. EXECUTIVE SUMMARY The National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint cybersecurity advisory (CSA) to h

NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations

vom 02.10.2023 um 21:42 Uhr 421.25 Punkte
A plea for network defenders and software manufacturers to fix common problems. EXECUTIVE SUMMARY The National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint cybersecurity advisory (CSA) to h

Exploiting a Flaw in Bitmap Handling in Windows User-Mode Printer Drivers

vom 02.08.2023 um 18:09 Uhr 419.87 Punkte
In this guest blog from researcher Marcin Wiązowski, he details CVE-2023-21822 – a Use-After-Free (UAF) in win32kfull that could lead to a privilege escalation. The bug was reported through the ZDI program and later patched by Microsoft. Marcin has graciously provided this detailed write-up of the vulnerability, examines how it could be e

Cookies-Based Authentication Vs Session-Based Authentication

vom 17.03.2023 um 22:48 Uhr 362.73 Punkte
Introduction If There’s one thing I would like to know previously, it is the entire way Authentication works, session authentication and cookie authentication are both types of token-based authentication. So we will be talking about Cooki

IPsec Tunnel Mode vs. Transport Mode

vom 19.08.2021 um 02:00 Uhr 355.95 Punkte
IPsec (Internet Protocol Security) is a series of protocols that is used to protect IP traffic between two points on a network. It offers confidentiality, data integrity, and a high degree of security through its advanced packet encryption. For these reason

7 Tips for Low-Friction Authentication

vom 19.01.2023 um 16:45 Uhr 349.92 Punkte
User Experience and security can go hand in hand if authentication methods are chosen wisely. Explore how to create a low-friction authentication experience for your users. Authentication is one of the first interactions a customer has with your product t