How to Master a DevSecOps Pipeline that Devs and AppSec Love

When you became a developer, you didn’t imagine you’d be spending a big chunk of your time parsing vulnerability reports, getting stuck in security review cycles, or rerunning CI jobs because the pipeline flagged a dozen “critical issues,” half of which are false positives.  You didn’t sign up for this. You weren’t even given a choice, but here you are: 

Secure DevOps in Serverless Architecture

Serverless computing has revolutionized app development and deployment with its unparalleled scalability and cost efficiency. The infrastructure management abstraction provided by serverless platforms like AWS Lambda, Google Cloud Functions, and Azure Functions allows developers to concentrate on building their functionality while the cloud provider takes care of scaling, patching, and maintenance. However,

How to Achieve SOC 2 Compliance in AWS Cloud Environments

Did you know cloud security was one of the most evident challenges of using cloud solutions in 2023? As businesses increasingly depend on cloud services like Amazon Web Services (AWS) to host their applications, securing sensitive data in the cloud becomes non-negotiable. Organizations must ensure their technology infrastructure meets the highest security standards. One such

Why 99% Accuracy Isn’t Good Enough: The Reality of ML Malware Detection

The threat of malware in enterprises is evolving each year. As enterprises expand their digital footprint through remote work and cloud adoption, their attack surface increases, making them more vulnerable to targeted malware campaigns. The FBI’s 2023 Internet Crime Report showed that Business Email Compromise (BEC) scams alone caused over USD 2.9 billion in losses. Investment

Mastering Kubernetes Observability: Boost Performance, Security, and Stability With Tracestore, OPA, Flagger, and Custom Metrics

In modern microservices architectures, achieving comprehensive observability is not just an option—it’s a necessity. As applications scale dynamically within Kubernetes environments, tracking performance issues, enforcing security policies, and ensuring smooth deployments become complex challenges. Traditional monitoring solutions alone cannot fully address these challenges. This guide explores four powerful tools that significantly improve observability and control

Understanding the Fundamentals of Cryptography

Cybersecurity encompasses multiple different domains, including network isolation, platform security and infrastructure security. However, one thing that we discuss less frequently, but use more often than not, is cryptography. Whether it’s HTTPS, data encryption in databases, disk encryption, or technologies like VPNs and blockchains, cryptography is one of the fundamental building blocks. As part of this

How Security Engineers Can Help Build a Strong Security Culture

In today’s fast-paced world, organizations face increasing cyber threats that can compromise their operational integrity, erode customer trust, and jeopardize financial stability. While it’s crucial to have advanced security technologies in place, many organizations overlook the importance of cultivating a culture of security. A robust security culture is a key factor in preventing security breaches,

Evaluating Similarity Digests: A Study of TLSH, ssdeep, and sdhash Against Common File Modifications

The field of digital forensics often uses signatures to identify malicious executables. These signatures can take various forms: cryptographic hashes can be used to uniquely identify executables, whereas tools like YARA can help malware researchers identify and classify malware samples. The behavior of files—functions exported, functions called, IP addresses and domains they connect to,

Secure Your Oracle Database Passwords in AWS RDS With a Password Verification Function

Protecting database access through strong password policies is a cornerstone of security in any environment. When deploying Oracle databases on AWS RDS, enforcing password complexity is essential, but the approach differs slightly from on-premises Oracle environments. AWS provides two primary ways to enforce password complexity in RDS Oracle: using the standard ORA_STIG_VERIFY_FUNCTION or a custom

Online Developer Tools a Backdoor to Security Threat

Free Online Utilities May Not Be Safe

Using online developer utilities, such as a JSON Viewer, can be incredibly convenient for parsing and visualizing JSON data, but they also come with significant risks. The tool, for instance, often requires users to upload JSON files or paste sensitive data directly into the tool. If the utility