Security has never been more critical with hackers’ ever-improving and sophisticated means of breaking through your defenses. Remember when Target’s customer data was hacked, which meant you and millions of others had to get new credit cards for safety precautions? We all don’t want to be the next, well, target. Protect your applications by staying on top of the game and predicting hackers’ next moves, by reading tutorials on secure engineering techniques and how to assess your IT risks.
Here are some of the recent highlights from the developerWorks® Security zone that you should check out if you’re interested in application security.
Securely protecting the enterprise can be complicated when you take into consideration all the changes in technology and new platforms like the cloud. But it doesn’t have to be complicated! In this video series, Beth Dunphy (Worldwide Strategy and Offering Executive at IBM) imparts meaningful knowledge that all IT security practitioners should always keep in mind. These 10 essential security practices from IBM can help you simplify the overwhelming challenge of designing a balanced security program.
Scale single sign-on for your Node.js cloud apps
Adding single sign-on to demonstration apps is somewhat straightforward. But when your app is deployed across multiple servers in multiple locations in order to ensure high availability, the architecture gets very complex very quickly. Tim Robinson has been down that path and presents a technique that uses the Redis Cloud service in Bluemix® to ensure your single sign-on function performs well, even at the enterprise scale. Read the tutorial now.
Run a SAST scan of a Java application by using Bluemix Static Analyzer
Static code analyzers have been around for a while. But if you’ve ever tried to install one, you know how much of a pain it can be to ensure all the right libraries and dependencies are available. Fortunately, IBM has moved its industry-leading static analyzer to Bluemix so you can run your analysis in the cloud! In this tutorial, Matthew Murphy walks you through a demonstration project so that you can learn how to use this new service for your projects. Read the tutorial now.
Anyone with an existing behind-the-firewall IT infrastructure quickly realizes that the cloud computing strategy depends on being able to mix and match services that are behind the firewall and in the public cloud. Chun Bin Tang demonstrates how to improve the security of your internal APIs thzat you expose to your cloud applications by using the Bluemix Secure Gateway Service.
Connect to your data center with the Bluemix Secure Gateway service
Learn how to use the Bluemix Secure Gateway to establish database client connections to databases in a private intranet in this tutorial by Ori Pomerantz. Using these techniques, you can connect to back-end databases from all of the supported Bluemix environments. Read the tutorial.
This is one of our longest running and most popular tutorials on the Security zone, because it teaches you how to implement rich, context-aware, risk-based authorization policies using IBM Security Access Manager (ISAM). Companies are getting more and more sophisticated at how they assess the risk of web traffic coming into their applications, as well they should in order to protect their data. Optimize your security defenses with ISAM for Web and ISAM for Mobile. Read the tutorial.