Tag: DZone Security Zone

How Hackers Bypass Lateral Movement Detection (And How to Stop Them) Detecting lateral movement has emerged as a crucial cybersecurity challenge today. Attackers who breach network perimeters follow a five-step process. They start with reconnaissance, move to their original compromise,…

Read more →

Security researchers and developers are raising alarms over “slopsquatting,” a new form of supply chain attack that leverages AI-generated misinformation commonly known as hallucinations. As developers increasingly rely on coding tools like GitHub Copilot, ChatGPT, and DeepSeek, attackers are exploiting…

Read more →

FIPS (Federal Information Processing Standards) [1] defines a set of public security standards developed by NIST (National Institute of Standards and Technology) [2] that govern the security requirements for cryptographic modules used in government systems. FIPS 140-3 is the latest…

Read more →

Introduction As of 2023, it’s estimated that 42 billion cumulative Wi-Fi enabled devices have been shipped (Wi-Fi® by the Numbers: Technology Momentum in 2023, n.d.). Every new device adds to the increasing wireless attack surface, and it’s important for anyone…

Read more →

It was not so long ago that I was having a much closer look at how AI is becoming embedded in our everyday developer work. I have watched more intelligent code suggestions, automated testing routines, and those ubiquitous chatbots become…

Read more →

Think your organization is too small to be a target for threat actors? Think again. In 2025, attackers no longer distinguish between size or sector. Whether you’re a flashy tech giant, a mid-sized auto dealership software provider, or a small…

Read more →

Abstract This article explores how artificial intelligence (AI) is enhancing threat detection in cloud certificate environments. It explicates how dissimilar AI modeling, such as supervised, unsupervised, and reinforcement learning, is used to describe and respond to security measures and threats…

Read more →

Businesses and individual users now employ big data analysis to support decision-making, engineering innovation, and productivity levels. However, the surge in the reliance on big data leads to growing concerns regarding its accuracy and trustworthiness. Although big data provides unprecedented…

Read more →

Abstract This paper presents a comprehensive approach to securing sensitive data in containerized environments using the principle of immutable secrets management, grounded in a Zero-Trust security model. We detail the inherent risks of traditional secrets management, demonstrate how immutability and…

Read more →

Introduction Cloud providers offer baseline landing zone frameworks, but successful implementation requires strategic customization tailored to an organization’s specific security, compliance, operations, and cost-management needs. Treating a landing zone as a turnkey solution can lead to security gaps and operational…

Read more →

Cookies are fundamental aspects of a web application that end users and developers frequently deal with. A cookie is a small piece of data that is stored in a user’s browser. The data element is used as a medium to…

Read more →

In the day-to-day operations of companies, solution architecture and information security are two areas that inevitably intersect. Both play a key role in building robust, scalable, and reliable technology environments. However, one question lingers — though rarely openly discussed: what…

Read more →

Apache Iceberg has emerged as a pioneering open table format,  revolutionising data management by addressing big challenges. In this article, we’ll delve into Iceberg’s capabilities, discuss its limitations, and explore the implications for data architects. A Brief History Lesson: Hadoop’s…

Read more →

As enterprises accelerate AI adoption, their cloud strategy determines whether they can efficiently train models, scale workloads, and ensure compliance. Given the computational intensity and data sensitivity of AI, businesses must choose between hybrid cloud and multi-cloud architectures. While both…

Read more →

As digital identity ecosystems evolve, the ability to issue and verify digital credentials in a secure, privacy-preserving, and interoperable manner has become increasingly important. Verifiable Credentials (VCs) offer a W3C-standardized way to present claims about a subject, such as identity…

Read more →

AWS API Gateway is a managed service to create, publish, and manage APIs. It serves as a bridge between your applications and backend services. When creating APIs for our backend services, we tend to open it up using public IPs.…

Read more →

Running “npm install” requires trusting unknown parties online. Staring at node_modules for too long leads someone to become a node_modules expert. We Should Have Solved This Issue By 2025 The registry expands relentlessly at the rate of one new library…

Read more →

A developer’s work doesn’t stop once the code is written. The real action begins when it’s deployment day. The process—managing multiple environments, testing new features, or ensuring seamless uptime during releases—must be fast, secure, and efficient. Can you imagine a…

Read more →

Introduction to AWS Network Load Balancer AWS has several critical services that drive the internet. If you have ever built any application on top of AWS and need a high throughput or volume of traffic, the chances are that you’ve…

Read more →

Security practices in DevOps have evolved from being a minor concern to one of the main focus points, which resulted in the DevSecOps movement. It’s about “shifting security to the left” in the software development lifecycle — so the security…

Read more →