Software supply chain attacks are back in the news. Last week, security researcher Alex Birsan executed a novel attack against Microsoft, Apple, PayPal, Shopify, Netflix, Tesla, Yelp, and Uber by leveraging a design flaw in automated build and installation tools. Along with the recent SolarWinds breach, this most recent attack is renewing attention on software supply chain security.

As we look forward to restarting our normal lives in the ‘new-normal’ post the pandemic, we are looking to digital channels and devices to bridge the gap between what was done ‘in-person’ and what we can do safely from home. This is necessary for the financial services industry where consumers and businesses alike must move most of their operations online.

So, you want to build a Java application and run it inside a Docker image? Wouldn’t it be awesome if you knew what best practices to follow when building a Java container with Docker? Let me help you out with this one! In the following cheatsheet, I will provide you with best practices to build a production-grade Java container. In the Java container example, I build using these guidelines, I will focus on creating an optimized secure Java container for your application.

SSH certificates, when deployed properly, improve security. A half-baked access system using certs is more vulnerable than a public-key-based one if a user or host gets hacked.

Increased uptime? Check. Better access to outside expertise? Check. Improved first-time-fix rate? Check. These are just some of the benefits of industrial remote access. Yet many customers are reluctant to embrace remote access. Not only that, but incidents such as the breach at the Oldsmar water utility might increase organizations’ reluctance to use remote access.