We’re all familiar with the internet, especially since we use it to do almost all of our daily activities. Since the days of that familiar buzzing noise of AOL dial-up as it connected to somewhere out there in the stratosphere, we’ve been hooked on the internet and its vast space that holds endless amounts of information, ready for us to tap into right at our fingertips.
The growth of data has been exponential. By 2023, it's anticipated that approximately 463 exabytes (EB) will be created every day. To put this into perspective, one exabyte is a unit equivalent to 1 billion gigabytes. By 2021, 320 billion emails will be sent daily, many of which contain personal information. Data collected around the globe contains the type of information that businesses leverage to make more informed decisions.
The concept of zero-trust security is relatively simple. In essence, no entity or system should have trust by default. You should assume that any system you are talking to is not trustworthy until you establish otherwise. Within Kong Konnect, one mechanism to apply zero-trust is the OpenID Connect API gateway plugin. In this post and the below recording from our recent Destination: Zero-Trust virtual event, I’ll cover OpenID at a high level and some of its applications and use cases.
With the new App-Ray Step, you can scan your apps for vulnerabilities such as security issues, privacy breaches, and potential data leaks. Available on Bitrise now.
In this quick guide for cybersecurity professionals, we’ve invited some of our favourite security experts who have previously worked with Metasploit to explain why this tool is so valuable for conducting effective penetration tests and network reconnaissance tasks. Our first expert Michael Roninson, Security Expert at Cerber Tech gives a brief overview of this tool and how to use it in his response below;
Oversecured joins our rapidly growing partnership program as the first Verified Step focusing on app security. Scan your apps before they go to production, detect known vulnerabilities, and protect your user’s data from the comfort of your favorite CI/CD service.
We dare you to go to your mobile device and search for a health and wellness app already installed. Truth is, even if you did not actually download it, your operating system most likely came with at least one app like that. Now, you might have chosen to delete such an app, in which case, we lost the dare. But it does not deny the fact that your mobile device, the very one that lets you shop, communicate, work, or travel, has just as much potential to assist in your well-being.
When Kudu was first introduced as a part of CDH in 2017, it didn’t support any kind of authorization so only air-gapped and non-secure use cases were satisfied. Coarse-grained authorization was added along with authentication in CDH 5.11 (Kudu 1.3.0) which made it possible to restrict access only to Apache Impala where Apache Sentry policies could be applied, enabling a lot more use cases.
Imagine you’re going through immigration at the airport. The immigration officer says, “I don’t need your passport because I trust that you are who you claim to be.” Wait, what? That would never happen, right? That’s because trust is exploitable. Sooner or later, somebody will try to lie about who they are, and thus a criminal could enter the country. That’s why countries must enforce some form of identity, like a passport, to certify travelers are who they claim.
