Posts Tagged ‘security’

In my last post, I showed you how to create your YAML output files.  By default, these files do not contain any user information, however, the tool does give you a pretty easy way to include these by using an OSGi configuration.  The only drawback to this approach is that you can’t change it without […]

Keeping permissions in sync across environments is an issue for most organizations.  In AEM, you can export permissions using packages but this becomes a tedious process if you need to do this on a regular basis. I won’t say that the AC Tool solves the problem completely but it’s a good place to start.  In […]

Security is a top priority for IT outsourcing companies and their clients, but maintaining high levels of security across multiple projects is often challenging and expensive. Thankfully, the key to mitigating that challenge exists in the power of automation. Automated security testing tools allow software developers and engineers to detect system vulnerabilities throughout the entire […]

In my previous post, DevSecOps and Release Coordination, I introduced the idea of four key players in the DevSecOps mediated release management process. The idea is to consolidate the validation and approval steps from a “gated” process, and shift the actual work of validation earlier in development. In this post, we will explore the role […]

Believe it or not, it’s near impossible to develop bug-free software. Even the world’s most widely used applications have noticeable defects here and there, despite having large teams of Quality Assurance (QA) experts behind them. It’s a common misconception that QA teams should uncover every single bug through testing. In fact, their main objective is […]

In the mad rush to capitalize on the benefits of the cloud, organizations are still overlooking one vital aspect: cloud security. When considering that 49% of cloud databases are not encrypted and 83% of company workloads will take place in the cloud by 2020, the opportunity for enterprise vulnerabilities is staggering. Breaches like this can […]

The ability to make better business decisions relies on better access to information, which companies are finding through the implementation of data lakes. Data lakes are centralized repositories that can be used to store all of a company’s structured and unstructured data at any scale. They allow businesses to rapidly harness more data from more […]

In our previous post, Create Your Transformation Roadmap for Application Modernization, we offered guidance to prepare your organization for successful cloud adoption. Part 2 of this series addresses some of the security concerns you may stumble upon in your cloud journey. We also share some best practices for infusing security across your organization. Questions about […]

This post will be the first in a multi-part series talking about configuring various key stores and trust stores IBM MQ and IBM Integration Bus and populating them with certificates. General Information Key stores and trust stores are files in a proprietary format. Key stores hold certificates that an application sends across during the SSL […]

Pen testers often need to stage payloads and other tools on servers outside of their own infrastructure.  In this post I’ll show you how to use the Amazon AWS command line interface (CLI) to dynamically create and manage S3 buckets that you can use in your own pen tests.  I’ll also show you how to […]

In what appears as a highly coordinated attack by a single actor, 23 local government agencies in the state of Texas were hit with ransomware. This extends the recent trend where local government entities were targeted, some of which have led to the attackers being paid millions of dollars via crypto-currency. A first line of […]

Whether your company has 10 people or 10,000 people, security measures need to be in place to ensure a safe, secure, and compliant environment for your end users. Many companies will often be required to adhere to certain security regulations and compliance standards but rest assured Microsoft has your back.  Microsoft understands this need for […]