Systems | Development | Analytics | API | Testing

Security

Opening the Door to Security Risk

Pushing your code to production without testing? You might want to think twice. In this episode, Bobby Dorlus, founder and CEO of #TheTechHustle, shares the importance of test automation, site reliability engineering, and his advocacy of diversity within the industry. Tune in as Jason and Bobby analyze the stats and real-life debacles that happen when testing gets skipped, as well as those who should be responsible for testing. Spoiler alert—it’s not just the developers.

Embedded Software Security for Industry 4.0 and the Internet of Things

Technology is booming now more than ever, and every day brings new products and functionality for every unimaginable task. It is not just about mobile apps and computers anymore; instead, it is all about embedded systems and Internet-of-Things (IoT) devices that have quickly become so commonplace, both in our day-to-day lives and in industries like industrial automation.

An Introduction to Auth0 for Ruby on Rails

From custom-made to plug-and-play forms of authentication, Ruby developers have plenty to choose from these days. Yet, as you may know, building your own solution can be costly and dangerous. If Devise is the de facto standard for most teams, an alternative might simplify the lives of most. This article will cover the setup and use of Auth0 in a Ruby on Rails application, including everything you need to get going properly, from handling roles to relying on multiple providers to authenticate users.

Introduction to WSO2 Identity Server 7.0 | an Overview

Welcome to the Introduction to WSO2 Identity Server 7! In this video, we'll guide you through the essential features and functionalities of WSO2 Identity Server, an open-source identity and access management (IAM) solution designed to help enterprises manage their digital identities securely and efficiently. Join us as we explore application integration, authentication options, user management, API authorization, and the powerful B2B capabilities offered by Identity Server 7.

Demonstrating Proof-of-Possession (DPoP): Preventing Illegal Access of APIs

In a previous blog post, we discussed the prevalence of bearer tokens (or access tokens) to restrict access to protected resources, the challenges the sheer nature of bearer tokens present, and available mitigations. To recap, presenting a bearer token is proof enough of an authorization grant to avail the service and access resources protected by the token. This poses many security risks such as using stolen or leaked tokens to gain unauthorized access.

Why Penetration Testing is Non-Negotiable in Today's Cybersecurity Landscape

Securing your software is essential in this day and age when cyber dangers may be found anywhere on the internet. Take a look at these concerning numbers: These numbers demonstrate the need for proactive security testing services like penetration testing, a.k.a. pen testing. Pen testing imitates real attacks on your applications to identify weaknesses before nefarious actors use them.

Creating a Secure SIMATIC PLC REST API Using DreamFactory

Organizations deploying Siemens SIMATIC PLCs (Programmable Logic Controllers) will logically want to track and manage PLC metrics. Exactly how these metrics are managed will depend upon the specific needs of the organization. For instance, organizations that would like to send PLC data directly to a Microsoft SQL Server database can use the TDS (Tabular Data Stream) protocol. But what if you wanted to subsequently access this data via a REST API?

Top 10 Mobile App Security Threats

With mobile apps expected to reach more than 183.7 billion installations globally, there has also been an increase in mobile app security threats. Today’s cyberattacks are highly sophisticated, requiring constant vigilance due to many unknown or emerging threats. These threats require a proactive approach to mobile application security. End users can take steps to protect sensitive data on their devices, such as avoiding unprotected public Wi-Fi and setting up multi-factor authentication.

Improve Customer Experience and API Security with WSO2 Identity Server 7.0

In today’s digital world, APIs have become key to connect apps and services, both internally and externally. However, when integrating with external entities like partners and service providers, API security is a major concern for businesses. And from a user’s perspective, traditional authentication approaches in mobile apps or digital channels often deliver a less-than-ideal digital experience.

Providing a Secure In-App Login Experience with Authentication API

Application developers want to provide the most secure and seamless login experience for their users, but even when following OAuth and OpenID Connect (OIDC) best practices, user experience issues can still be a problem. In this article, we will walk through how developers can provide a secure and seamless login experience to users by providing the login functionality natively within the app itself.