A signature is the most common way to ensure the authenticity of the information. It’s been around since Rome Empire. And it’s ironic that in this digital age, there are many companies and applications that interact without proper digital signature.
Build a simple go application that creates a signature based on sample text. Then verify the signature if it is a valid signature.
Run the application in the command shell by calling the go build file.
go run main.go
Currently, a cybersecurity attack related to the database is growing exponentially. A single data leak incident can cost a million dollars. Even worst, attack kind of data destruction or ransom can stop the business activity instantly. Cybersecurity is not the Database or Cybersecurity team’s responsibility but a collaboration of all stakeholders related to the database, including the Infrastructure and Developer Team.
In some security incidents, access leakage leading to more severe events like business data exfiltration. Looking at how digital-native businesses grow, they build new features in a matter of weeks, if not days. The market demand requires a software engineer and DevOps team to focus on speed in their delivery effort. In between those efforts, access to the network, server, or database is sometimes not adequately protected. Reference from Mitre here.
The project scope is to build an API to manage content posts. You’ll create an API with three functionalities: create a post, read a single post, and list posts. The database is MySQL installed in localhost.
Since the Go community already has a wonderful library, there is almost no reason to write everything from scratch.
There are many sensitive data in the form of an image file. Photo, National ID, Certificates, and any confidential image. Imagine if our credit card photo leaked to the internet and shown in Google Search.
Protecting consumer and company data is mandatory by regulation (and common sense).
Protect the image stored in the system from unauthorized access.
Security has been a primary concern in business and government for hundreds of years ago. Government regulation is explicitly mentioned how to handle Customer data. And it is essential to protect your business continuity from vulnerability exploit.
Send data securely to other parties via an HTTP request. Other parties mean a partner entity which doing a communication to us. Secure parameters are:
The service is able to send and receive data. Users will use the service to send data to any party…
Why talk about topic which 10 year old boy know it naturaly?
Hold your horse You modern Nomad . In this age, what do we know about friendship, natural order and social law actually?
Let’s break it down this way:
Write a small portable Go Application to put a logo on top of an image
Protecting content in the image format by placing brand identity is a common practice in the industry called watermark. No one wants to use a watermarked image. The effort to remove the watermark is quite high, thus making unauthorized party lost their intention to steal the content. This attempt is proven to improve security measures.
Watermark also serves as auditing tools. When sending a confidential image to an external party, it’s mandatory to put a watermark there containing recipient name and use case. Imagine when…
This story is about cycling and how I see it. So first, I need to tell you who I am.
That’s about me. If you are more or less live that way, you probably can relate to my story.
I have my 9–6 kind a job in day and entrepreneur activity at night. My schedule is a legit excuse to skip the gym…
Secure communication is essential for a business to provide strong trust. Furthermore, it is mandatory by most governments to encrypt personal identity information (PII) when sending information to another business party.
Asymmetric cryptography is a universal approach for encryption in information exchange applications.
In my experience, I found some new businesses have a hard time to generate their pair of asymmetric keys. Then they ask my team to generate the key pair for them.
By principle, that’s a broken security practice. Because the private key should only be seen and kept by the owner, if my team creates the private…
IT architect at best cloud provider in the planet. Experience in cybersecurity and tech-fire-fighting.