Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Code integrity guarantees that software code remains uncorrupted, authentic, and protected throughout the lifetime of that software. Code integrity also protects software from changes made without proper authorization for malicious attack purposes through the installation of back doors, which is a simple form of malware, initiating unauthorized updates.

As quantum computing creeps closer, the cryptographic mechanisms on which today’s digital world relies are becoming more and more fragile. In a prescient move, AWS Key Management Service (KMS) now supports ML-DSA, one of the first post-quantum digital signatures, which has become a standard under FIPS 203. This is an important step in AWS’s broader efforts to prepare customers for the post-quantum secure future.

XML external entity injection or XXE, is a type of web security vulnerability and an application-layer cybersecurity attack. This vulnerability allows the hacker to interfere with an application while it is processing XML data. The attacker can inject unsafe XML entities into the application and can interact with systems to which the application has access. The hackers can also view files on the server and even perform remote code execution (RCE).