Posts Tagged ‘security’

Before AEM 6.5, we really only had one UI to manage user permissions.  That’s not to say we couldn’t go to the JCR directly and set ACLs, but the user admin screen was just simpler. For instance, take this example from the classic user admin console. Typically, this meant that we would check the root […]

5G is changing the face of communication and connection. According to Forbes, the technological innovations from 5G could contribute as much as $2.2 trillion to the global economy over the next 15 years. The service will revolutionize the amount of data collection and increasing the number of connected devices and sensors. With the rapid growth […]

In my previous post I talked about how to add service users to the YAML file exported by the AC Tool.  But what if you want to do something else that isn’t currently possible without a recompile? There may be many reasons to create a custom file, the reason I did it was to include […]

In my last post, I showed you how to create your YAML output files.  By default, these files do not contain any user information, however, the tool does give you a pretty easy way to include these by using an OSGi configuration.  The only drawback to this approach is that you can’t change it without […]

Keeping permissions in sync across environments is an issue for most organizations.  In AEM, you can export permissions using packages but this becomes a tedious process if you need to do this on a regular basis. I won’t say that the AC Tool solves the problem completely but it’s a good place to start.  In […]

Security is a top priority for IT outsourcing companies and their clients, but maintaining high levels of security across multiple projects is often challenging and expensive. Thankfully, the key to mitigating that challenge exists in the power of automation. Automated security testing tools allow software developers and engineers to detect system vulnerabilities throughout the entire […]

In my previous post, DevSecOps and Release Coordination, I introduced the idea of four key players in the DevSecOps mediated release management process. The idea is to consolidate the validation and approval steps from a “gated” process, and shift the actual work of validation earlier in development. In this post, we will explore the role […]

Believe it or not, it’s near impossible to develop bug-free software. Even the world’s most widely used applications have noticeable defects here and there, despite having large teams of Quality Assurance (QA) experts behind them. It’s a common misconception that QA teams should uncover every single bug through testing. In fact, their main objective is […]

In the mad rush to capitalize on the benefits of the cloud, organizations are still overlooking one vital aspect: cloud security. When considering that 49% of cloud databases are not encrypted and 83% of company workloads will take place in the cloud by 2020, the opportunity for enterprise vulnerabilities is staggering. Breaches like this can […]

The ability to make better business decisions relies on better access to information, which companies are finding through the implementation of data lakes. Data lakes are centralized repositories that can be used to store all of a company’s structured and unstructured data at any scale. They allow businesses to rapidly harness more data from more […]

In our previous post, Create Your Transformation Roadmap for Application Modernization, we offered guidance to prepare your organization for successful cloud adoption. Part 2 of this series addresses some of the security concerns you may stumble upon in your cloud journey. We also share some best practices for infusing security across your organization. Questions about […]

This post will be the first in a multi-part series talking about configuring various key stores and trust stores IBM MQ and IBM Integration Bus and populating them with certificates. General Information Key stores and trust stores are files in a proprietary format. Key stores hold certificates that an application sends across during the SSL […]