In the days of the on-premises data center and early cloud adoption, the roles of application developers, infrastructure operations, and security were largely siloed. In the cloud, this division of labor increases the time-to-market for innovation reduces productivity, and invites unnecessary, risk. In a data center environment, developers build software applications, IT teams build the … Read more
Identity verification is among the primary contributors to mobile app security. Considering that face data is unique for each person, it has been utilized to develop a major branch of identity verification: face recognition. Face recognition has been widely applied in services we use every day, such as unlocking a mobile device, face-scan payment, access … Read more
I had the opportunity to meet with 12 cybersecurity solutions providers during the 25th Black Hat Cybersecurity Conference. I observed three trends at this conference that are represented by the solutions the following companies offer: API security DarkWeb research and tracking Reducing security tool sprawl with integrated solutions Here’s what I learned and who I … Read more
As enterprises adopt cloud technologies, it is crucial to design a secure cloud architecture. If you do not adhere to cloud security guidelines, organizations can expose themselves to cybersecurity threats, resulting in an unwanted impact on cloud infrastructures and workloads. First, let us look at the most common cloud security challenges facing nearly every organization. … Read more
Organizations should not expect developers to be security experts; that’s not what they have been trained to be, and it’s not their job. Instead, organizations should use application security teams to enable developers by giving them access to secure frameworks, libraries, and defaults, making the most secure option the easiest choice. Security guardrails are designed … Read more
Since the introduction of smart contract technology, Solidity has been the coding language of choice for smart contract developers. However, if you’re a Solidity developer, you already know it has drawbacks. Among other flaws, major security concerns can arise from the simple mishandling of certain data types, and there are no built-in access controls. A … Read more
I had the opportunity to hear Chris Krebs, founding partner of the Krebs Stamos Group and former director of the Cybersecurity and Infrastructure Security Agency (CISA) deliver the opening keynote at the 25th Black Hat Security Conference. For 25 years, the InfoSec community and industry have chipped away at security vulnerabilities in technology with research … Read more
From installing and configuring the agent to perform attacks and getting alerts source: pixabay.com The last time I wrote about SQL Injections. To be honest, at that time, I had two goals in mind: First, explain what SQL Injections are, how they work, and how to perform and prevent them. Second, how to prevent them … Read more
As a fast-growing open source NewSQL database, TiDB frequently releases new features and improvements. If you are a TiDB user, you may have found it hard to decide whether or not to upgrade your version. You may have also wondered how to make your upgrade journey safer, smoother, and even unnoticed by business. On the … Read more
While businesses and services are expanding into cyberspace with minimal improvement in the traditional cybersecurity techniques, cybercriminals are revolutionizing cyber-attacks with artificial intelligence. Cyber threats are getting novel by the day and leaving under-resourced security operations analysts only to catch up. According to Sridhar Muppidi, Technology Security Chief at IBM, he alluded that security professionals … Read more