Threat detection & response is vitally important for security. In fact, it is included in the OWASP’s top 10 security risks. In this article we will dive deep into how to deploy Amazon’s threat detection service i.e GuardDuty, to a multi-account/multi-region cloud environment using Terraform, and how to connect the service with Slack, for real-time security notifications.
GuardDuty is a fairly easy service to deploy and operate on a single AWS account. But the complexity increases when it comes to deploying it bigger multi-account environments and connecting it with external tools such as Slack. At last, IaC although crucial, may…
Through 2025, 99% of cloud security failures will be the customer’s fault, according to Gartner. Infrastructure misconfiguration remains the top cause of data breaches in the cloud.
In Amazon Web Services, this is where AWS Config security service comes into play.
Simplified overview of core AWS Config concepts
The AWS Config Concepts page provides a detailed but also complex definition of the AWS Config terminology. In this article, I’ll attempt to simplify it and mention only the core and most important concepts and functionalities of this tool. …
Don’t try to reinvent the wheel. Just learn from those who have already done it well.
George Foreman
Design patterns are general, reusable solutions to common software engineering bugs. They are good practices developed by trial and error, labor, and countless hours of debugging by programmers in the past, so that developing can be easier, faster, cleaner, bug-free for us today. In short software design patterns are all about not reinventing the wheel.
Design patterns gained popularity after the publishing of the book Design Patterns: Elements of Reusable Object-Oriented Software was published in 1994 by the so-called “Gang of Four”…
This article is made for engineers who want to dive into the core of node.js fast and kick-start their full-stack JavaScript security career. Reading the code (instead of trying to understand concepts through words) is usually the easiest way to learn a new language. We will try to demonstrate through code snippets, several NodeJS security features.
Requirements for this guide:
- Vanilla JavaScript (ES6)
- Object-oriented programming
- HTTP protocol
- Basic understanding of cryptography
Introduction
Keypoints
- Build on C++, node.js allows developers to write server-side code with JavaScript, therefore making full-stack JS development possible.
- It is fast. Node.js is single-threaded but handles requests/responses in parallel…
We can think of natural sciences, as sciences that reverse engineer the system of the natural world. For instance, neuroscientists study the human brain, collect and analyze its data, and attempt to understand the way it operates.
On the other hand, we can think of computer science, as the science that develops a system — a technological world (instead of reverse engineering it). For example an artificial intelligence engineer, uses data and statistical methods in order to create a “virtual brain”, one could say.
In this context, computer science and natural sciences progress towards the same direction, but begin from…
