Reading Time: 3 minutes Hi Readers, Denial of a Service also known as DDoS is a type of Distributed Network Attack. This kind of attack makes the application or website flooded with multiple fake requests which makes the website unavailable for some or all users. In this blog, we will see the basics of a DDoS attack and understand how it works. What is DDoS Attack? How DDoS attack Continue Reading
Reading Time: 3 minutes SSL certificate is a digital certificate that validates a website’s identity and allows an encrypted connection. Which stands for Secure Sockets Layer. A security protocol that creates an encrypted link between a web browser and a web server. Companies and organizations need to add SSL certificates to their websites to protect online transactions and keep customer details private and secure. In short: SSL keeps internet Continue Reading
Reading Time: 5 minutes Why Sealed Secrets? As we know, Secrets in Kubernetes are used to store sensitive data, like password, keys, certificates and token. Secrets are encoded in base64 and automatically decoded when they are attached and read by a Pod. A secret in Kubernetes cluster is encoded in base64 but not encrypted! These data are “only” encoded so if a user has access to your secrets, he can simply execute Continue Reading
Reading Time: 3 minutes Introduction An IDE or integrated development environment is a software application that combines, in one place, all the tools needed for a software development project. On a more basic level, IDEs provide interfaces for users to write code, organize text groups, and automate programming redundancies. Here we will talk about IntelliJ IDEA, one of the popular IDE in the market which has advantages over others Continue Reading
Reading Time: 5 minutes Hi Readers In this blog we will see How To Bind Kubernetes Service Account with ClusterRole.So In this blog, we will first create a service account and after that, we will create a cluster role in which we will specify resources of Kubernetes and set of permission on the resources that will authorize the service account to access those resources. Understanding Authentication API server can Continue Reading
Reading Time: 3 minutes After hosting an application on Kubernetes we need to configure TLS/SSL certificate to serve our application over HTTPS securely. Configuring certificates in Kubernetes is a little tedious task because we need to apply certificates, configure them for auto-renewal and get certificates from trusted CA automatically. Cert-manager comes here to rescue certificate management. What is a cert-manager? cert-manager adds certificates and certificates issuer as resource types Continue Reading
Reading Time: 2 minutes Hi Readers, In this blog, we will see how we can install and configure the AWS vault in our system for AWS secrets, and then we will see how we can manage AWS access keys with AWS vault. Access keys consist of an access key ID and secret access key, which are used to sign programmatic requests that we make to AWS. What is aws-vault? AWS vault is Continue Reading
Reading Time: 3 minutes Security,As we all know that everything that is on the Internet need security. Especially when you create software and work with sensitive user data, such as emails, phone numbers, addresses, credit cards, etc.So,here we will go through securing API Gateway with Json Web Tokens(JWT). Spring recently released an update for microservice applications, and this update is a Spring Cloud Gateway that stands in front of all Continue Reading
Reading Time: 4 minutes There is a clear understanding that everything that is exposed to the Internet should be secured. Especially when you create software and work with sensitive user data, such as emails, phone numbers, addresses, credit cards, etc. Here we will go through securing API Gateway with Json Web Tokens(JWT). As far as you probably know Spring recently released an update for microservice applications, and this update Continue Reading
Reading Time: 3 minutes JWT stands for JSON Web Token. It is basically used to transform some information between two parties as a JSON object. This information can be verified and trusted because it is digitally signed. JWTs can be signed using a secret (with HMAC algorithm) or a public/private key pair using RSA. JWT is very compact in size, we can send it through the HTTP header, Post parameter, etc. It’s Continue Reading
Reading Time: 5 minutes spring security – authentication and authorization in detail Topics covered Basics of spring security What is spring security? What spring security can do? 5 core concepts of spring security and their detailed breakdown. Definition of Spring Security : The proper definition of spring security is: spring security is an application level security framework that provides ways to to apply application level security to the application. Continue Reading
Reading Time: 7 minutes If you are trying to block some routes from loading based on some permissions or blocking a route based if not authenticated, then you can read along and at the end, you will understand about the canActivate Guard. In the series of Angular Routing Guards Part-1, we’ve learned and understood the basics of angular route guards. If you’ve no prior knowledge about Angular Route Guards, Continue Reading
Reading Time: 5 minutes Object Detection is to locate the presence of objects and types or classes of the located objects in an image. Face detection is a particular case of Object Detection. The objective of face detection is to find and locate faces in an image. It is the first step in automatic face recognition applications. Face detection has been well studied for frontal and near frontal faces. Continue Reading
