From the basic to advanced concepts of AWS own service for identity and access management: users, groups, permissions for resources and much more. For seriously working with AWS, there’s no way around its Identity and Access Management (IAM) service. Skipping to understand its core principles will bite you again and again in the future️. Take the time to do a deep dive, so you won’t be frustrated later.

When it comes to risk management in banks, cloud-based computing offers significant advantages. On the other hand, risk managers will have a tough time making the switch from on-premises to the cloud.

Amazon EKS Anywhere is an official Kubernetes distribution from AWS. It’s a new deployment option for Amazon EKS that allows the creation and operation of on-premises Kubernetes clusters on your existing infrastructure.

JFrog security research team (formerly Vdoo) has recently disclosed a code injection issue in Yamale, a popular schema validator for YAML that’s used by over 200 repositories. The issue has been assigned to CVE-2021-38305.

We live in a world of increasingly connected devices – phones, digital assistants, smart watches, cars, thermostats, refrigerators, windmills, and more. More than 50% of the world’s population is now online and two-thirds own a mobile device, according to the World Economic Forum. Additionally, the codebase of today’s applications typically consists mainly of open source components – exposing them to greater risk of hacking than ever before.

There’s an old saying that “there’s no such thing as bad publicity.” Unfortunately, this doesn’t ring true when it comes to data breaches and ransomware attacks. High profile security incidents continue to make headlines, and those headlines are impacting bottom lines. In response to these, the US federal government is modernizing its own cybersecurity infrastructure, and more state governments are implementing laws to protect citizens.

At Torq, we use gRPC as our one and only synchronous communication protocol. Microservices communicate with each other using gRPC, our external API is exposed via gRPC and our frontend application (written using VueJS) uses the gRPC protocol to communicate with our backend services. One of the main strengths of gRPC is the community and the language support. Given some proto files, you can generate a server and a client for most programming languages.

The vulnerability disclosure process involves reporting security flaws in software or hardware, and can be complex. Cooperation between the organization responsible for the software or hardware, and the security researcher who discovers the vulnerability can be complicated. In this blog we’ll look at the vulnerability disclosure process, the parties involved and how they can collaborate productively.

You may have previously heard about TeamViewer if you’ve ever needed to remotely access another device for the purposes of maintenance or general work activities.