Tag: DZone Security Zone

Would you rather have determined that you are in fact secure, or are you willing to accept that you are “probably” doing things securely? This might seem like a silly question on the surface, after all, audits don’t work on…

Read more →

In this blog, we will take a closer look at Spring Security, specifically in combination with Keycloak using OpenID Connect, all supported with examples and unit tests. Enjoy! Introduction Many applications are supported by means of authentication and authorization. However,…

Read more →

Series reminder: This series explores how explainability in AI helps build trust, ensure accountability, and align with real-world needs, from foundational principles to practical use cases. Previously, in Part VII: SHAP: Bringing Clarity to Financial Decision-Making. This article has been indexed from…

Read more →

Enterprise cloud architecture demands sophisticated orchestration of infrastructure, configuration, and workload management across diverse computing platforms. The traditional approach of manual provisioning and siloed tool adoption has become a bottleneck for organizations seeking cloud-native agility while maintaining operational excellence. This…

Read more →

In the previous articles of this series, we explored the importance of data governance in managing enterprise data effectively (Part 1), how BigID supports data governance, particularly for data privacy, security, and classification (Part 2), and the role of Data…

Read more →

The digital infrastructure we’ve built resembles a house of cards. One compromised dependency, one malicious commit, one overlooked vulnerability and the entire edifice comes tumbling down. In March 2024, security researchers discovered something terrifying: a backdoor lurking within XZ Utils,…

Read more →

Container security is all about making sure you run an image that is exceptionally low in vulnerability and malware. I would love to say having zero vulnerabilities, but it is rarely possible in the real world. In the worst case,…

Read more →

“We recently purchased a Zero Trust solution.”  A statement like that makes even the most seasoned security experts cringe. Zero Trust is a ubiquitous notion in 2025, appearing in product packaging, seminars, and sales presentations. However, the fundamental idea is…

Read more →

Modern automation frameworks have come a long way—Playwright, Cypress, RestAssured, Cucumber, and Selenium enable teams to run sophisticated end-to-end validations across browsers and services. But under all that progress lies a risk that’s still alarmingly common: secrets hardcoded into test…

Read more →

This article demonstrates how a critical Trivy SBOM generation fix (PR #9224) can be scaled into an enterprise GenAI-powered platform, delivering comprehensive DevSecOps automation and millions in cost savings. We will explore the technical implementation from core dependency resolution improvements…

Read more →

Many times, while developing at work, I needed a template for a simple application from which to start adding specific code for the project at hand. In this article, I will create a simple Java application that connects to a…

Read more →

Do you have a use case where you want to implement a network firewall in IBM Cloud VPC that filters traffic based on hostname? For example, you may want to allow connections only to www.microsoft.com and www.apple.com, while blocking access…

Read more →

Series Overview This article is Part 2.3 of a multi-part series: “Development of system configuration management.” The complete series: This article has been indexed from DZone Security Zone Read the original article: Development of System Configuration Management: Handling Exclusive Configurations…

Read more →

I constantly have thoughts buzzing in my head, and I need to throw them somewhere or they’ll just fly away. So I thought I’d write a few articles about how our lives are becoming more like the movies and games…

Read more →

Editor’s Note: The following is an article written for and published in DZone’s 2025 Trend Report, Data Engineering: Scaling Intelligence With the Modern Data Stack. Data has evolved from a byproduct of business processes to a vital asset for innovation and…

Read more →

The overall landscape of app development is continuing with a transformative shift that is driven by various latest technologies, including AI or artificial intelligence, edge computing, and blockchain. These innovations are enhancing the efficiency and functionality of the apps, catering…

Read more →

Series Overview This article is Part 2.1 of a multi-part series: “Development of system configuration management.” The complete series: This article has been indexed from DZone Security Zone Read the original article: Development of System Configuration Management: Working With Secrets,…

Read more →

The Internet of Things (IoT) comprises smart devices connected to a network, sending and receiving large amounts of data to and from other devices, which generates a substantial amount of data to be processed and analyzed.   Edge computing, a…

Read more →

Introduction In the new cloud-native era, it is important to be able to scale and manage applications efficiently. Kubernetes, as a leading container orchestration platform, provides strong features for managing storage through Persistent Volume Claims (PVCs). Mapping Kubernetes to traditional…

Read more →

Introduction In modern industrial automation, security is a primary requirement to keep the regular operation of industrial connected devices without disruption. However, the rise of cyber risks also significantly impacts the industry’s sustainable operation. The evolving cyberattacks can affect the…

Read more →