Originally published in Oct 2017, at Onica.com/blog
Complying with minimal regulations or certifications required by governments or customers and creating a wide window of exposure should be the goal for any first-class technology organization.
Originally published on August 7, 2019 at Onica.com/blog
On July 19, 2019, Capital One® announced that an attacker gained access to over 100 million American and Canadian customer records containing sensitive data such as social security numbers, names, and dates of birth.
Managing the cryptography infrastructure required for a project or a company has traditionally been a challenging task, to put it mildly. It requires a highly-specialized and rare skillset and poses a substantial technological and legal risk in perhaps the most sensitive areas of your applications.
This post explains how to secure Microsoft® Active Directory® (AD) authentication by using Secure Sockets Layer (SSL).
The Payment Card Industry Data Security Standard (PCI DSS) is a globally recognized regulation that protects consumer credit card information from theft and disclosure. It applies to all organizations that store, process, or transmit credit card information—even if it’s just a few transactions each year.
The Oracle® Cloud Security Practices team, in their own words, “describe how Oracle protects the confidentiality, integrity, and availability of customer data and systems that are hosted in the Oracle Cloud and/or accessed when providing Cloud services. Today, 430,000 customers in 175 countries use Oracle technologies to seize business opportunities and solve real, tangible challenges.
In 2009, over 12 million malware infections were reported globally. By 2018, this increased to over 812 million detected threats. The sophistication of these attacks multiplies rapidly—it’s a nearly impossible task to be on top of security threats without having a dedicated team to manage and operate the effort. Security threats come in many different forms. For example, cybercrime has increased by 600% due to the COVID19 outbreak. Very few would have predicted a pandemic would open us to more cybercrime.
This post introduces Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, how these protocols work, and why you might use them.
DevSecOps integrates security practices, principles, tooling, and knowledge into all stages of the software development life cycle within an Agile framework. It aims to enforce security in every stage of the DevOps process compared to the traditional practice, where security assurance is typically performed late in the software delivery life cycle.