Operations | Monitoring | ITSM | DevOps | Cloud

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

The inadequate guide to Rails security

If you're like me, you got into this business because you love building awesome apps. If you've been in the development space long enough, you'll eventually have to do work on those awesome apps that doesn't feel so awesome. Security can be one of those things. Taking Rails security seriously is important, even though the Rails framework does much of the heavy lifting. Before we get too deep into the details of Ruby on Rails security, let's take a second to reflect on the good times. ...

Secure Streamlit app deployment with AWS Cognito, Streamlit, and CircleCI

As you develop internal tools or public-facing data applications, implementing authentication mechanisms becomes essential. Without authentication, you risk exposing sensitive information or allowing unauthorized access. Fortunately, integrating secure user access does not have to be complex. AWS Cognito provides a straightforward way to handle authentication, user management, and access control across multiple identity providers.

Why security should be non-negotiable in free business email

In today's fast-moving digital world, small businesses rely heavily on free email services to operate efficiently. Whether it's communicating with clients, managing orders, or coordinating teams, email remains a cornerstone of daily activity. While the convenience and zero cost of many platforms are tempting, overlooking security can have serious and lasting consequences.

Hard Drive Security Starts With Your Staff: Training That Protects, Sells, and Scales

Selling used hard drives doesn't start with wiping software, it starts with people. Every drive your company disposes of passes through human hands, which means training is your first and strongest safeguard. Poor handling opens the door to data leaks, compliance failures, and revenue loss. This article strips away the fluff and shows you what matters: building a training system that's practical, repeatable, and aligned with real business needs. From electrostatic discharge to chain-of-custody documentation, each step depends on your team. Get training wrong, and everything else falls apart.

The Vulnerability Sitting in Front of Government Websites

In early August, in a sublet apartment on the eighth floor of a high-rise in central Tel Aviv, Aviv Yahav, a vulnerability researcher, opened a debugger and watched a memory address filled with zeros where it should have held a cryptographic secret. The affected system was a Fortinet FortiWeb appliance, a web application firewall deployed by thousands of organizations across the public and private sectors. The missing bytes were the secret used to derive session keys for authenticated user sessions.

What's New in Calico - Summer 2025

As Kubernetes adoption scales across enterprise architectures, platform architects face mounting pressure to implement consistent security guardrails across distributed, multi-cluster environments while maintaining operational velocity. Modern infrastructure demands a security architecture that can adapt without introducing complexity or performance penalties.