Security

cert-manager logo

Configure SSL certificate with cert-manager on Kubernetes

Reading Time: 3 minutes After hosting an application on Kubernetes we need to configure TLS/SSL certificate to serve our application over HTTPS securely. Configuring certificates in Kubernetes is a little tedious task because we need to apply certificates, configure them for auto-renewal and get certificates from trusted CA automatically. Cert-manager comes here to rescue certificate management. What is a cert-manager? cert-manager adds certificates and certificates issuer as resource types Continue Reading

aws

Manage AWS Secrets with aws-vault

Reading Time: 2 minutes Hi Readers, In this blog, we will see how we can install and configure the AWS vault in our system for AWS secrets, and then we will see how we can manage AWS access keys with AWS vault. Access keys consist of an access key ID and secret access key, which are used to sign programmatic requests that we make to AWS. What is aws-vault? AWS vault is Continue Reading

Spring Cloud Gateway Security with JWT

Reading Time: 3 minutes Security,As we all know that everything that is on the Internet need security. Especially when you create software and work with sensitive user data, such as emails, phone numbers, addresses, credit cards, etc.So,here we will go through securing API Gateway with Json Web Tokens(JWT). Spring recently released an update for microservice applications, and this update is a Spring Cloud Gateway that stands in front of all Continue Reading

Spring Cloud Gateway security with JSON Web Tokens(JWT)

Reading Time: 4 minutes There is a clear understanding that everything that is exposed to the Internet should be secured. Especially when you create software and work with sensitive user data, such as emails, phone numbers, addresses, credit cards, etc. Here we will go through securing API Gateway with Json Web Tokens(JWT). As far as you probably know Spring recently released an update for microservice applications, and this update Continue Reading

JWT

Reading Time: 3 minutes JWT stands for JSON Web Token. It is basically used to transform some information between two parties as a JSON object. This information can be verified and trusted because it is digitally signed. JWTs can be signed using a secret (with HMAC algorithm) or a public/private key pair using RSA. JWT is very compact in size, we can send it through the HTTP header, Post parameter, etc. It’s Continue Reading

Spring Security – A Starter Guide

Reading Time: 5 minutes spring security – authentication and authorization in detail Topics covered Basics of spring security What is spring security? What spring security can do? 5 core concepts of spring security and their detailed breakdown. Definition of Spring Security : The proper definition of spring security is: spring security is an application level security framework that provides ways to to apply application level security to the application. Continue Reading

Angular Routing Guards: Understanding canActivate Guard (Part-2)

Reading Time: 7 minutes If you are trying to block some routes from loading based on some permissions or blocking a route based if not authenticated, then you can read along and at the end, you will understand about the canActivate Guard. In the series of Angular Routing Guards Part-1, we’ve learned and understood the basics of angular route guards. If you’ve no prior knowledge about Angular Route Guards, Continue Reading

How to build Face Detection system using Viola Jones Algorithm

Reading Time: 5 minutes Object Detection is to locate the presence of objects and types or classes of the located objects in an image. Face detection is a particular case of Object Detection. The objective of face detection is to find and locate faces in an image. It is the first step in automatic face recognition applications. Face detection has been well studied for frontal and near frontal faces. Continue Reading

Vault: How to integrate with Jenkins?

Reading Time: 5 minutes What is Vault? Hashicorp Vault is a tool for managing our our secrets. It has support for multiple secrets and we can enable access to both humans and machines separately. Secrets can be stored, dynamically generated, and in the case of encryption, keys can be consumed as a service without the need to expose the underlying key materials. In terms of its architecture, it has Continue Reading

Understanding DevSecOps for Kubernetes

Reading Time: 4 minutes Increase in Security Demands for Cloud Native Ecosystems In today’s world, the need for securing our cloud native clusters has increased more than ever. Also this year, cloud-native security is again top trending, according to a report published by Gartner. DevSecOps is a simple answer to multiple questions. In the recently concluded KubeCon 2020, we saw that a lot of organisations are taking huge strides Continue Reading

Configure Kerberos server and client

Reading Time: 4 minutes Before moving ahead to the configuration of Kerberos let’s discuss why we need Kerberos. In this digital world, cybercrime is increasing in ways where no companies are safe. Cyber attackers are targeting companies to steal important data. For good practice, companies should adopt powerful solutions which help to keep their data secure and safe from these attackers. Today I am talking about a most secure Continue Reading

A Quick Guide through UFW – Uncomplicated Firewall

Reading Time: 4 minutes UFW, short for Uncomplicated Firewall, is basically a simplified firewall mechanism that is implemented upon iptables itself. As a result, making it much easier to configure ufw than to configure iptables. Therefore, it can be said that ufw is technically a program for managing a netfilter firewall which aims to provide an easy to use interface for the user. Need for UFW – uncomplicated firewall Continue Reading