Articles


Motivation

In my previous article, I demonstrated how JWT tokens can replace passwords for a safer and more secure cloud-native future.

Check out my previous articles covering SSO for DB Console using Google OAuth, Microsoft Identity Platform, and Okta.

Source of the article on DZONE

The security and privacy of users’ data have been a growing concern for the past few years. At the same time, JWT, as one technology to address that concern, has been used more and more. Understanding JWT will give you an edge over other software engineers. JWT might seem simple at first, but it is pretty hard to understand.

In this article, we will explore mainly JWT and JWS. In addition, we’ll also go through JWE, JWA, and JWK quickly. This article aims to make the reader understand the concept of JWT without diving too deep into the topic.

Source of the article on DZONE


Introduction

Security is one of the most important aspects of modern-day applications. As technology keeps advancing, keeping security up to date is a challenge. How awesome would it be to find top trending articles in the Security Zone in one place so that you can always stay up to date with the latest trends in technology? We dug into Google Analytics to find the top 10 most popular Security articles in August. Let’s get started!

10. Spring Boot Security + JWT "Hello World" Example

Spring Boot applications have been key to implementing the microservice architecture. Learn how to implement security in Spring Boot with JWT tokens. Follow the step-by-step tutorial and secure your Spring Boot microservice.

Source of the article on DZONE


Introduction: EnRoute Helm Chart

Helm is a popular package manager for Kubernetes. Installing software, managing and upgrading versions, and finding charts in the registry are key benefits of Helm.

The EnRoute Helm chart installs the EnRoute Ingress Controller and provides easy configuration options to define policy for a service. The Helm chart provides fine-grained control over L7 policies: plugins can be enabled or disabled for a service using configuration options specified when Helm is invoked.

Source of the article on DZONE

Gloo Edge is our Kubernetes-native API gateway based on Envoy.

It provides Authentication (OAuth, JWT, API keys, …), Authorization (OPA, custom, …), Web Application Firewall (based on ModSecurity), function discovery (OpenAPI based, Lambda, …), advanced transformations, and much more.

Source of the article on DZONE

This week, we take a look at the security issues in cheap video doorbells and security cameras, as well as tutorials and webinars on protecting APIs running in Kubernetes, JSON web tokens (JWT), and web and API authentication and authorization.

Oh, and we also have a link to DZone community awards where you can vote for this newsletter!

Source of the article on DZONE

This week, the OAuth 2.0 Token Exchange got its RFC, and there is an upcoming webinar on JWT. In addition, we take a look at where to start with securing your APIs, and how 2020 seems to be shaping up according to analysts.

Standard: OAuth 2.0 Token Exchange

The IETF has published RFC 8693 for OAuth 2.0 Token Exchange.

Source of the article on DZONE