Posts Tagged ‘security’

DevOps teams routinely deal with the most sensitive needs of an organization: security, governance, and compliance. However, not every organization is on the same page when it comes to DevOps, which can leave developers feeling overwhelmed and overworked. Sonatype recently released findings from its seventh annual DevOps Community Survey that examines the differences between mature […]

Great TV shows take deep inspiration from reality and use that insight to teach us and also show us things we might be unaware of amid the chaos of our daily lives. As a tech company, one of our favorite examples of this is Mr. Robot, a show that follows troubled hacker and tech genius […]

Secure software practices are at the heart of all system development; doubly so for highly regulated industries such as health-care providers.  Multiple regulatory controls are required for the custodianship of patient and customer data, creation of secure software systems, governance of development environments, and ensuring proper management of audit information. As a best-practice it is […]

Before AEM 6.5, we really only had one UI to manage user permissions.  That’s not to say we couldn’t go to the JCR directly and set ACLs, but the user admin screen was just simpler. For instance, take this example from the classic user admin console. Typically, this meant that we would check the root […]

5G is changing the face of communication and connection. According to Forbes, the technological innovations from 5G could contribute as much as $2.2 trillion to the global economy over the next 15 years. The service will revolutionize the amount of data collection and increasing the number of connected devices and sensors. With the rapid growth […]

In my previous post I talked about how to add service users to the YAML file exported by the AC Tool.  But what if you want to do something else that isn’t currently possible without a recompile? There may be many reasons to create a custom file, the reason I did it was to include […]

In my last post, I showed you how to create your YAML output files.  By default, these files do not contain any user information, however, the tool does give you a pretty easy way to include these by using an OSGi configuration.  The only drawback to this approach is that you can’t change it without […]

Keeping permissions in sync across environments is an issue for most organizations.  In AEM, you can export permissions using packages but this becomes a tedious process if you need to do this on a regular basis. I won’t say that the AC Tool solves the problem completely but it’s a good place to start.  In […]

Security is a top priority for IT outsourcing companies and their clients, but maintaining high levels of security across multiple projects is often challenging and expensive. Thankfully, the key to mitigating that challenge exists in the power of automation. Automated security testing tools allow software developers and engineers to detect system vulnerabilities throughout the entire […]

In my previous post, DevSecOps and Release Coordination, I introduced the idea of four key players in the DevSecOps mediated release management process. The idea is to consolidate the validation and approval steps from a “gated” process, and shift the actual work of validation earlier in development. In this post, we will explore the role […]

Believe it or not, it’s near impossible to develop bug-free software. Even the world’s most widely used applications have noticeable defects here and there, despite having large teams of Quality Assurance (QA) experts behind them. It’s a common misconception that QA teams should uncover every single bug through testing. In fact, their main objective is […]

In the mad rush to capitalize on the benefits of the cloud, organizations are still overlooking one vital aspect: cloud security. When considering that 49% of cloud databases are not encrypted and 83% of company workloads will take place in the cloud by 2020, the opportunity for enterprise vulnerabilities is staggering. Breaches like this can […]