security
The Importance of Data Classification in a Post-GDPR World Automated data classification can have a range of benefits. These include making it possible to organize and secure data for compliance purposes, assisting with deletion of data that is no longer needed, enabling monitoring and alerting, and reducing the cost of compliance. |
||
The Rise of Security Challenges for the Data Cloud Data is getting dispersed across numerous databases, microservices, analytics tools, and pipelines. This results in increased security concerns that will soon become “top-of-mind” for engineering and security teams alike. |
||
Why use JSON Web Token (JWT) in Authentication JSON Web Token (JWT) is an open, JSON-based standard for securely transmitting information between parties. In addition to secure information exchange, JWT could be used for authentication. |
||
Why You Should Automate Compliance Compliance policy is one of those things most employees find boring and useless. However, for employers, staying compliant is one of the most crucial tasks and can have serious legal and financial repercussions if not done properly. But how can you make following compliance policy easier for your employees? |
||
Operationalizing Cloud Security with Policy-as-Code Josh Stella explores why PaC is critical to validate that large, complex cloud infrastructure environments adhere to industry compliance standard and internal policies.
|
||
3 Critical Considerations for Technical Due Diligence Technical due diligence is the process of verifying a company’s technical capabilities, quality, and processes. It is typically performed by investors or buyers before a contract. There are many aspects you can investigate, but three are crucial: a code review, security evaluation, and open source components compliance. |
||
Lessons the Software Community Must Take from the Pandemic Due to COVID-19, organizations of all types have had to implement continuity plans within an unreasonably short amount of time. These live experiments in agility have shaken up our industry, but it's also taught us a lot of invaluable lessons about digital transformation, cybersecurity, performance engineering, and more. |
||
Choosing the Right Threat Modeling Methodology Threat modeling has transitioned from a theoretical concept into an IT security best practice. Choosing the right methodology is a combination of finding what works for your SDLC maturity and ensuring it results in the desired outputs. Let’s look at four different methodologies and assess their strengths and weaknesses. |