Zero Trust in API Gateways: Building Bulletproof Infrastructure With Istio and OPA

APIs: The New Battlefield. Every API endpoint is a doorway. Some lead to treasure vaults. Others? Straight into disaster. I’ve spent the last five years watching enterprises get blindsided by API attacks they never saw coming. Payment processors are losing millions through lateral movement. SaaS platforms are hemorrhaging customer data via misconfigured gateways. E-commerce giants

DPDK Cryptography Build and Tuning Guide

One of the many use cases customers run on Ampere-powered systems is packet processing workloads built on DPDK. Ampere has published a setup and tuning guide for DPDK to assist customers with getting the best performance from these workloads. Since many customers make heavy use of encryption/decryption operations in their DPDK applications, we are supplementing

Private AI at Home: A RAG-Powered Secure Chatbot for Everyday Help

Abstract: This article explores the design and deployment of a secure, retrieval-augmented generation (RAG)-powered chatbot tailored for family use using Spring AI. By combining Spring AI’s modular orchestration capabilities with a local vector store and embedding models, the chatbot delivers grounded, context-aware responses to everyday queries — ranging from locating personal documents to offering

Integrating AWS With Okta for Just-in-Time (JIT) Access: A Practical Guide From the Field

When our engineering team decided to tighten security around AWS access without slowing developers down, we quickly ran into a familiar trade-off — speed vs. control. We had engineers needing quick access to production for debugging, deployments, and performance checks, but long-lived IAM users and static credentials made our compliance team nervous. That’s where Okta-driven Just-in-Time

Evaluating AI Vulnerability Detection: How Reliable Are LLMs for Secure Coding?

Large language models (LLMs) can be used to generate source code, and these AI coding assistants have changed the landscape for how we produce software. Speeding up boilerplate tasks like syntax checking, generating test cases, and suggesting bug fixes accelerates the time to deliver production-ready code. What about securing our code from vulnerabilities? If AI can

Spectre and Meltdown: How Modern CPUs Traded Security for Speed

For years, CPU designers focused on making processors faster. Techniques like out-of-order and speculative execution became standard to keep every part of the chip busy. These tricks helped achieve huge performance gains, but they also opened the door to a new kind of vulnerability. In 2018, two major security flaws, Spectre and Meltdown, showed that

DocumentDB Goes Cloud-Native: Introducing the DocumentDB Kubernetes Operator

Today, we’re excited to announce the DocumentDB Kubernetes Operator, an open-source, cloud-native solution to deploy, manage, and scale DocumentDB instances on Kubernetes. DocumentDB is a MongoDB-compatible, open-source document database built on PostgreSQL. The DocumentDB Kubernetes Operator represents a natural evolution of the DocumentDB ecosystem, following our open source announcement and recent joining of the Linux

The DSPM Paradox: Perceived Controls for an Uncontrollable Data Landscape

Data is always on the move. Data flows across multiple interconnected systems, creating an expanded attack surface that spans Slack messages, browser-based AI tools, cache folders, and distributed cloud workloads. Security teams have long tried to keep up. While traditional tools, such as firewalls, SIEMs, and DLPs, have evolved to address dynamic data flows, they

Formae and PKL: Revolutionizing Infrastructure Automation

As an automation engineer and architect, I have been using IaC tools like Terraform for years. Recently, I started exploring and learning Pulumi, an Infrastructure as Code platform that lets developers and teams create, deploy, and manage cloud resources using familiar programming languages. As part of my weekend reading, I came across a new announcement