Systems | Development | Analytics | API | Testing

Security

Threats That Data Analysis Can Protect You From

In our latest post we’re covering a range of the different kinds of problems and threats data analysis can help protect your business from. We’ve brought together some of our favourite experts working in big data, cybersecurity and tech to shed light on some of the practical applications of using data analysis for protecting your operations.

How to Secure Your API Against Attacks and Intentional Misuse

Hiring a New York or Menlo Park white-shoe law firm to write your app’s Terms of Service (ToS) might bring peace of mind, but how do you ensure that your expensive rules are actually adhered to. Just like the pervasive abuse of customer review guidelines in B2C companies, B2B companies also suffer from multiple/unverified review problems. Similarly, by their design, APIs are also vulnerable to misuse by bad actors, but this time through brute force attacks.

ELK - Not Just For The Nice Visitors

Most of the applications we see for the ELK stack are from businesses which want to improve their customers' experience. To return relevant search results and to create Kibana dashboards that allow them to analyse data and give the customers what they want. But there are some cases where the customer is always wrong, and where the last thing you want to do is give a site visitor what he wants. Welcome to the world of forensics, compliance and fraud detection.

How to configure HTTPS for an Nginx Docker Container

There are a few ways to effectively configure HTTPs for an Nginx Docker Container. In this guide, we will quickly cover configuration through the use of free certificate authority Let’s Encrypt. For plenty of people, using Let’s Encrypt to configure HTTPS for an Nginx docker container is a good option. A paid version like Comodo’s SSL certificates may make more sense if you want to increase the security of your site and server.

How to Load Test OAuth secured APIs with k6?

The outline of this article is as follows: Most systems are designed to treat users differently based on their identity. Therefore, users are authenticated via various mechanisms and it's often equally important to test the performance of anonymous and authenticated endpoints. One of the most widespread authentication standards used by today's applications is OAuth. In OAuth, we use a trusted third party to verify the identity of the user.

Snowflake on Snowflake: How We Strengthened Data Governance Using Dynamic Data Masking

Managing access to sensitive data is the name of the game when it comes to security and data governance. It’s required to protect sensitive data from unauthorized changes or exposure, and it’s now a mandate as part of privacy regulations such as GDPR and the California Consumer Privacy Act (CCPA). Companies all over the world are now focused on protecting sensitive PII associated with their customers and employees.

Security Best Practices for Node.js

Because a lot of systems are connected to the web these days (or, at least, communicate/integrate with it at some level), companies are giving more and more attention to web security. Web security usually comes to public attention when certain events reach the news, for example, security leakages, hacker activities, and/or data-stealing over big companies, some of them really large (like Google, LinkedIn, etc.).

Security Never Sleeps: Why a Secure Network is a Must for Testing in the Age of Remote Work

In this webinar, security experts Sivan Tehila and Justin Dolly will discuss:

  • The various threats to your network and to your testing environment that have come about as a result of remote work
  • How cybersecurity is an integral part of the organization's business continuity plan
  • Tips and best practices for securing the home network when the endpoint is now everywhere