Articles

The Sword in the Darkness, the Watcher on the Wall

,

What the Game of Thrones Night’s Watch Can Teach Us About DevOps Security

If you are reading this, you probably got sucked into watching Game of Thrones when it first aired on HBO in 2011. It is amazing how much has changed during the eight seasons of the series, but, as a developer and security guy, I find the Night’s Watch story the most interesting. The series debuts with the men in black – a.k.a the Night’s Watch – patrolling the wall. Soon, we learn that, contrary to popular belief, there really are supernatural threats lurking in the darkness that put all of Westeros at risk.

The Wall that the Night’s Watch guard is the only thing standing between the country of Westeros and the deadly White Walkers. However, rather than immediately getting all the resources they need to tackle this danger, the people of the Night’s Watch spend the next seven seasons convincing the rest of Westeros that these threats are real and that leaving the Wall woefully understaffed and poorly defended endangers everyone. Hmm…sounds familiar?

Source de l’article sur DZONE

/par

The Truth About Cybersecurity Project Management

,

Whether you’re moving your company’s repository to the cloud or updating an IT infrastructure, securing data from sneaky malware attacks is crucial. According to a report on cybercrime by Accenture, the number of security breaches faced by businesses has increased by 11% since 2018. 

The losses suffered are substantial in terms of cost and information. In this climate, increasing technological advancements and 5G communication could simplify how attackers breach an organization’s security systems. 

Source de l’article sur DZONE

/par

HTTP and Scalable Software Systems

,

If you think about the World Wide Web, it’s easy to imagine it as a single software system. Once you do, you realize it’s the largest software system the world has ever created — probably by hundreds of orders of magnitude. It contains trillions of lines of code, hundreds of millions of servers, and billions of clients, running thousands of different programming languages. Still, it works more or less as we expect it to work. So, what made it possible for humans to create such an enormous software system? The answer is simple: HTTP!

The HTTP protocol allows us to create perfect encapsulation. The client and the server don’t need to know anything about each other, besides the URL, HTTP verb, and what parameters to pass in and expect as output. This allows billions of clients to interact with each other, without knowing (almost) anything about each other. If you reduce it down to its basic components, it becomes painfully obvious that the following is a recipe for winning.

Source de l’article sur DZONE

/par

How Bitcoin Processing Units Are Being Used For Mining Digital Currency

,

It’s a famous fact that bitcoin mining hardware has changed by leaps and bounds lately due to the growth of new central processing units in the marketplace. The new machines may conduct Bitcoin processing at a faster rate when compared with the computers of yesteryear.

Furthermore, they consume less power. Field programming team array processors are connected with CPUs to boost their computing power. While selecting hardware for Bitcoin processing, ensure it includes a large hash rate that would deliver spectacular results to your users. According to experts, the rate of data processing is measured in mega hash rates each second, or GIGA hash speeds per second.

Source de l’article sur DZONE

/par

We Trust Blockchain Says the Card Payment Industry – But Why Still the Struggle

,

Eliminate the middleman to boost security! A promise made by blockchain is already nailing the card payment industry. Ever since the emergence of Bitcoin in 2009, the number of blockchain wallets increased to approximately 42 million users in September end 2019, as per Statista.

Blockchain, the underlying technology is poised to disrupt every industry.

Source de l’article sur DZONE

/par

Proxy SOCKS5 et ses Avantages

,

Comme beaucoup d’autres protocoles de l’internet, des CHAUSSETTES channelizes paquets entre un serveur et un client à l’aide d’un serveur proxy. Les paquets d’informations sont transférées par l’intermédiaire d’un serveur proxy qui génère un arbitraire adresse IP avant que l’information ne parvient à sa destination.

SOCKS5 est la dernière version qui utilise des serveurs proxy pour former UDP (User Datagram Protocol) ou Protocole de Contrôle de Transmission (TCP) par le biais de l’arbitraire des adresses IP.

Source de l’article sur DZONE

/par

AppSec in the Age of DevSecOps

,

Awhile back, I had a conversation with a friend that I went to school with (currently a senior member of the engineering team at a large retail chain) who was tasked with the job of identifying potential application security partners (he addressed vendors as partners, which I personally liked) that they could collaborate with on various areas as part of their product security initiative. The following piece emerged as an extension of my immediate thoughts when he shared his views of what could have made his experience of interacting with front line sales and marketing folks better.

In the context of DevSecOps, much has been said about the need for engineering to speak security, security to speak code, DevOps to speak security, etc. But, as a Technology Service Provider (TSP), riding the current wave of application security, its almost mandatory for the Sales and Marketing teams to speak relevant tech!

Source de l’article sur DZONE

/par

Transaction Execution — Ethereum Yellow Paper Walkthrough (4/7)

,

In this post, we start looking into how the Ethereum platform executes transactions. We will learn transaction validity rules and why they exist. After that, we will deep-dive into transaction execution and understand the steps taken by nodes while processing a transaction.

This post is the fourth in the series Ethereum Yellow Paper Walkthrough. The goal of this series is to demystify the concepts in the paper, making it accessible to a broader audience. If you missed the previous posts, here they are!

Source de l’article sur DZONE

/par

What Developers Need to Know About Java Security

,

Java gained a reputation as a secure programming language when it was introduced in the mid-1990s. At that time, C or C++ was used for the majority of business programming. Java removed many pitfalls and vulnerabilities of those languages, like manual memory allocation.

This reputation as a more secure language does not mean that all Java code is automatically secure. Developers still have to make sure that they deliver secure code. Fortunately, you can stay on top of your Java security by keeping an eye on possible Java threats.

Source de l’article sur DZONE

/par

Use OAuth 2.0 to Secure Your ASP.NET Core App

,

Imagine having an app where you can write and store your notes efficiently. Today, we are going to build an app that will keep track of your notes. We’ll use ASP.NET Core to build the app. We’ll also use .NET Core’s OAuth 2.0 authentication middleware to make sure the personal notes are kept secure.

My Private Notes App

As mentioned earlier, you’ll use an ASP.NET app to build your note-keeping app. Here’s how the app works: The home page will keep track of all your recent notes, and if you include more than three notes, the oldest will be shelved. Once we’ve built the app, you’ll learn how to secure it with OAuth. Read this starter project from GitHub to get started. 

Source de l’article sur DZONE

/par