The purpose of a DevSecOps checklist is not to list every single action and practice you should take to ensure that DevSecOps pipeline is effective. Rather, the purpose is to help you establish the right sort of DevSecOps mindset. DevSecOps is more than a collection of best practices, it’s a shared mindset that security is the responsibility of everyone on your team.
In this tutorial, I’m going to walk through adding OAuth2 authorization and authentication to your service with the Kong Gateway OAuth2 plugin. First, I’ll cover the fundamentals. If you’re already familiar with how Kong Gateway and OAuth2 work, skip ahead to the tutorial. Interconnected. Shared. That’s the norm for today’s applications, networks and data.
While the File Transfer Protocol is one of the original protocols used in the early adoption of the internet it remains a fundamental part of modern computer networks. In this post we will look at the way the JMeter can support you in performance testing FTP and SFTP.
We’re all familiar with the internet, especially since we use it to do almost all of our daily activities. Since the days of that familiar buzzing noise of AOL dial-up as it connected to somewhere out there in the stratosphere, we’ve been hooked on the internet and its vast space that holds endless amounts of information, ready for us to tap into right at our fingertips.
The growth of data has been exponential. By 2023, it's anticipated that approximately 463 exabytes (EB) will be created every day. To put this into perspective, one exabyte is a unit equivalent to 1 billion gigabytes. By 2021, 320 billion emails will be sent daily, many of which contain personal information. Data collected around the globe contains the type of information that businesses leverage to make more informed decisions.
The concept of zero-trust security is relatively simple. In essence, no entity or system should have trust by default. You should assume that any system you are talking to is not trustworthy until you establish otherwise. Within Kong Konnect, one mechanism to apply zero-trust is the OpenID Connect API gateway plugin. In this post and the below recording from our recent Destination: Zero-Trust virtual event, I’ll cover OpenID at a high level and some of its applications and use cases.
With the new App-Ray Step, you can scan your apps for vulnerabilities such as security issues, privacy breaches, and potential data leaks. Available on Bitrise now.
In this quick guide for cybersecurity professionals, we’ve invited some of our favourite security experts who have previously worked with Metasploit to explain why this tool is so valuable for conducting effective penetration tests and network reconnaissance tasks. Our first expert Michael Roninson, Security Expert at Cerber Tech gives a brief overview of this tool and how to use it in his response below;
Oversecured joins our rapidly growing partnership program as the first Verified Step focusing on app security. Scan your apps before they go to production, detect known vulnerabilities, and protect your user’s data from the comfort of your favorite CI/CD service.
