Knoldus Blogs

An Introduction to SSH – Secure Shell

August 5, 2020August 5, 2020linux, SecurityEncryption, risks, ssh, ssh keys

Reading Time: 4 minutes What is SSH ? SSH is a network protocol that allows secure connection between different computers. SSH protocol also referred to as Secure Shell, provides many functionalities like, Strong connection and security Strong authentication Maintains connection integrity Strong encryption. In general, there are different ways for logging in to a remote machine, Know the password of that machine. SSH public and private keys. Host-based authentication Continue Reading

Introduction To Ansible Vault

June 30, 2020June 30, 2020Security, Security Controls, Studio-DevOpsAnsble-Vault, Data Privacy, Encryption

Reading Time: 2 minutes Hi readers, in this blog we will be discussing Ansible vault. Also, we will be looking at how to encrypt different playbooks and how they can be decrypted. Introduction The “Vault” is a feature of Ansible that allows you to keep sensitive data such as passwords or keys protected at rest, rather than as plain text in playbooks or roles. Why use Ansible Vault? Ansible Continue Reading

A Quick Guide through UFW – Uncomplicated Firewall

June 21, 2020June 21, 2020linux, Security, Studio-DevOps, Tech BlogsDevops, firewall, iptables, Security, ufw

Reading Time: 4 minutes UFW, short for Uncomplicated Firewall, is basically a simplified firewall mechanism that is implemented upon iptables itself. As a result, making it much easier to configure ufw than to configure iptables. Therefore, it can be said that ufw is technically a program for managing a netfilter firewall which aims to provide an easy to use interface for the user. Need for UFW – uncomplicated firewall Continue Reading

Go Through with Rego components

February 10, 2020February 10, 2020Microservices, SecurityAuthorization, istio, opa, Policies, rego

Reading Time: 3 minutes In this blog, we’ll understand Rego that uses for declaring policy in OPA(open policy Agent). Rego is a declarative logic programming language, not a programming language. We can get content based on the policy defined by Rego as it’s declarative nature it has many benefits than the imperative language.

Encryption with PBKDF2

October 3, 2019October 3, 2019Java, Security

Reading Time: 4 minutes Passwords can be the most valuable data to an attacker because stolen passwords can provide attackers the ability to bypass most of the security perimeters that exists in the system. Since lot of people use the same password in several other systems, one system compromise can affect the security of other systems too. This is where we can use encryption as a solution for theses Continue Reading

DevSecOps: Security with DevOps

September 19, 2019October 12, 2020Security, Studio-DevOpsAPI Security, deployment, Design, DevSecOps, Security

Reading Time: 3 minutes Hi everyone! I’m back with a new blog where will be discussing a term called DevSecOps. This term directly related to a very important component of technology which is security. So let’s discuss what is DevSecOps? Why it’s so much important? How it comes into the picture?

Store Git Credentials Encrypted

April 20, 2019April 29, 2019DCOS, Docker, github, linux, Project Management, Security, Studio-DevOps, Studio-Scala, Tech Blogs, Tutorialbitbucket, credential.helper, git, github, gnome-keyring, libsecret, netrc

Reading Time: 3 minutes Hey folks in this blog post we would be looking over how we can store our git credentials in an encrypted format over linux remote servers, let’s first quickly have a look why we want to do it and what git provide us with as options. Git credentials helpers So git provide many types of credential helpers like Store The first and most basic type Continue Reading

Vault: A secure way to keep your App’s secrets

March 3, 2019March 3, 2019Security, Studio-Scalavault

Reading Time: 3 minutes In this blog, we will discuss the Vault. In modern scenarios, we want to secure our system as much as possible. We don’t want to store our secret keys and certificates in the system or configurations. We need a place where we can keep our secrets with more security and access them securely whenever we need them. We can use the Vault. Vault is the Continue Reading

How to start with Vega : The web security scanner?

February 5, 2018August 9, 2018Security, Security Audit, Security Guidelines, Testing, Web, Web Application

Reading Time: 3 minutes Vega – Web security scanner and web security testing platform. Alright, Today I have come up with an interesting topic which is Vega and this blog is inspired by the last blog I wrote on web security. Vega is nothing but a tool, we will talk more about Vega in a while but let’s first talk ‘Why Vega’. So, next when you are done with your Continue Reading

Authentication using Actions in Play Framework

July 2, 2017August 9, 2018Play Framework, Security, Studio-Scala, Web, Web Application

Reading Time: < 1 minute Actions in Play Framework plays an important, the requests received by a Play application are handled by an Action. Action composition is an incredibly powerful way to enhance or restrict controller behaviour. In Play Framework controllers consist of methods that create Action objects to handle the incoming requests. A play.api.mvc.Action is basically a (play.api.mvc.Request => play.api.mvc.Result) function that handles a request and generates a result to be sent to the client. We can Continue Reading

SQL made easy and secure with Slick

June 15, 2017June 15, 2017Database, Security, Slick, SQL, Studio-Scala, TutorialDatabase, google, Security, slick, sql, technology

Reading Time: 5 minutes Slick stands for Scala Language-Integrated Connection Kit. It is Functional Relational Mapping (FRM) library for Scala that makes it easy to work with relational databases. Slick can be considered as a replacement of writing SQL queries as Strings with a nicer API for handling connections, fetching results and using a query language, which is integrated more nicely into Scala. You can write your database queries Continue Reading

Configuring SSH Key Authentication on Linux

June 12, 2017AWS, AWS Services, Security, Security Controls, Security GuidelinesConfiguring SSh, Configuring ssh key athentication, remote access with ssh key, secure remote access, security without password, ssh, ssh linux

Reading Time: 3 minutes Now Days it is very convenient to use Remote Desktop Protocol(RDP) for accessing remote system over Internet, specially server systems(either client to server or server to server), although it is very convenient and easy way to access remote systems but it may cause big loss as it may provide an opportunity for remote attackers to guess logon credentials of client. There may present many ways Continue Reading

Knolx – Intoduction to AWS IAM

March 22, 2017June 13, 2018Amazon, AWS, Cloud, Security, Security Controls, Studio-Scala

Reading Time: < 1 minute Hi all, Knoldus has organized a 30 min session on 3rd March 2017 at 4:50 PM. The topic was Introduction to AWS IAM. Many people have joined and enjoyed the session. I am going to share the slides here. Please let me know if you have any question related to linked slides.