Security

two businessmen outdoor using technology

All You Need To Know About SSL CERTIFICATE

Reading Time: 3 minutes SSL certificate is a digital certificate that validates a website’s identity and allows an encrypted connection. Which stands for Secure Sockets Layer. A security protocol that creates an encrypted link between a web browser and a web server. Companies and organizations need to add SSL certificates to their websites to protect online transactions and keep customer details private and secure. In short: SSL keeps internet Continue Reading

Computer code on screens

How to Encrypt Kubernetes Secrets with Sealed Secrets?

Reading Time: 5 minutes Why Sealed Secrets? As we know, Secrets in Kubernetes are used to store sensitive data, like password, keys, certificates and token. Secrets are encoded in base64 and automatically decoded when they are attached and read by a Pod. A secret in Kubernetes cluster is encoded in base64 but not encrypted! These data are “only” encoded so if a user has access to your secrets, he can simply execute Continue Reading

IntelliJ hacks using Scala

Reading Time: 3 minutes Introduction An IDE or integrated development environment is a software application that combines, in one place, all the tools needed for a software development project. On a more basic level, IDEs provide interfaces for users to write code, organize text groups, and automate programming redundancies. Here we will talk about IntelliJ IDEA, one of the popular IDE in the market which has advantages over others Continue Reading

How To Bind Kubernetes Service Account with ClusterRole

Reading Time: 5 minutes Hi Readers In this blog we will see How To Bind Kubernetes Service Account with ClusterRole.So In this blog, we will first create a service account and after that, we will create a cluster role in which we will specify resources of Kubernetes and set of permission on the resources that will authorize the service account to access those resources. Understanding Authentication API server can Continue Reading

cert-manager logo

Configure SSL certificate with cert-manager on Kubernetes

Reading Time: 3 minutes After hosting an application on Kubernetes we need to configure TLS/SSL certificate to serve our application over HTTPS securely. Configuring certificates in Kubernetes is a little tedious task because we need to apply certificates, configure them for auto-renewal and get certificates from trusted CA automatically. Cert-manager comes here to rescue certificate management. What is a cert-manager? cert-manager adds certificates and certificates issuer as resource types Continue Reading

aws

Manage AWS Secrets with aws-vault

Reading Time: 2 minutes Hi Readers, In this blog, we will see how we can install and configure the AWS vault in our system for AWS secrets, and then we will see how we can manage AWS access keys with AWS vault. Access keys consist of an access key ID and secret access key, which are used to sign programmatic requests that we make to AWS. What is aws-vault? AWS vault is Continue Reading

Spring Cloud Gateway Security with JWT

Reading Time: 3 minutes Security,As we all know that everything that is on the Internet need security. Especially when you create software and work with sensitive user data, such as emails, phone numbers, addresses, credit cards, etc.So,here we will go through securing API Gateway with Json Web Tokens(JWT). Spring recently released an update for microservice applications, and this update is a Spring Cloud Gateway that stands in front of all Continue Reading

Spring Cloud Gateway security with JSON Web Tokens(JWT)

Reading Time: 4 minutes There is a clear understanding that everything that is exposed to the Internet should be secured. Especially when you create software and work with sensitive user data, such as emails, phone numbers, addresses, credit cards, etc. Here we will go through securing API Gateway with Json Web Tokens(JWT). As far as you probably know Spring recently released an update for microservice applications, and this update Continue Reading

JWT

Reading Time: 3 minutes JWT stands for JSON Web Token. It is basically used to transform some information between two parties as a JSON object. This information can be verified and trusted because it is digitally signed. JWTs can be signed using a secret (with HMAC algorithm) or a public/private key pair using RSA. JWT is very compact in size, we can send it through the HTTP header, Post parameter, etc. It’s Continue Reading

Spring Security – A Starter Guide

Reading Time: 5 minutes spring security – authentication and authorization in detail Topics covered Basics of spring security What is spring security? What spring security can do? 5 core concepts of spring security and their detailed breakdown. Definition of Spring Security : The proper definition of spring security is: spring security is an application level security framework that provides ways to to apply application level security to the application. Continue Reading

Angular Routing Guards: Understanding canActivate Guard (Part-2)

Reading Time: 7 minutes If you are trying to block some routes from loading based on some permissions or blocking a route based if not authenticated, then you can read along and at the end, you will understand about the canActivate Guard. In the series of Angular Routing Guards Part-1, we’ve learned and understood the basics of angular route guards. If you’ve no prior knowledge about Angular Route Guards, Continue Reading

How to build Face Detection system using Viola Jones Algorithm

Reading Time: 5 minutes Object Detection is to locate the presence of objects and types or classes of the located objects in an image. Face detection is a particular case of Object Detection. The objective of face detection is to find and locate faces in an image. It is the first step in automatic face recognition applications. Face detection has been well studied for frontal and near frontal faces. Continue Reading

Vault: How to integrate with Jenkins?

Reading Time: 5 minutes What is Vault? Hashicorp Vault is a tool for managing our our secrets. It has support for multiple secrets and we can enable access to both humans and machines separately. Secrets can be stored, dynamically generated, and in the case of encryption, keys can be consumed as a service without the need to expose the underlying key materials. In terms of its architecture, it has Continue Reading