Why Encryption Alone Is Not Enough in Cloud Security
(Fri, 09 Jan 2026)
It is often assumed that encryption is the gold standard method for securing assets in the cloud. Cloud providers give
assurances that all their services are “encrypted by default.” Several regulatory and cloud compliance policies mandate that organizations encrypt data at rest, in use, and in transit. All of
this should make cloud environments secure, right? However, the reality is slightly more nuanced.
Many breaches occur not because encryption algorithms are weak or because attackers can crack them. They occur because attackers never need to. Instead, attackers exploit other weaknesses. Access
may be over-permissive, key governance may be poorly managed, configurations may be exposed, and there may be an overall lack of visibility into how data is actually being used.
The Rise of Diskless Kafka: Rethinking Brokers, Storage, and the Kafka Protocol
(Fri, 09 Jan 2026)
Apache Kafka has come a long way from being just a scalable data ingestion layer for data lakes. Today, it is the
backbone of real-time transactional applications. In many organizations, Kafka serves as the central nervous system connecting both operational and analytical workloads. Over time, its
architecture has shifted significantly — from brokers managing all storage, to Tiered Storage, and now toward a new paradigm: Diskless Kafka.
Diskless Kafka refers to a Kafka architecture in which brokers use no local disk storage. Instead, all event data is stored directly in cloud object storage such as Amazon S3, Google Cloud
Storage, or Azure Blob Storage.
Beyond Extensions: Architectural Deep-Dives into File Upload Security
(Fri, 09 Jan 2026)
Allowing users to upload files is a staple of modern web applications, from profile pictures to enterprise document management. However, for a security engineer or backend developer, an upload
field is essentially an open invitation for an attacker to place an arbitrary binary on your filesystem.
When validation fails, the consequences range from localized data theft to a total Remote Code Execution
(RCE) scenario, where an attacker gains a web shell and full control over the host. This article explores why standard defenses often fail and how modern architectural patterns — and their
flaws — impact the security posture of your application.
Mastering Fluent Bit: Developer Guide to Telemetry Pipeline Routing (Part 12)
(Fri, 09 Jan 2026)
This series is a general-purpose getting-started guide for those who want to learn about the Cloud Native Computing Foundation (CNCF) project Fluent Bit.
Each article in this series addresses a single topic by providing insights into what the topic is, why it is worth exploring, where to get started, and how to get hands-on with learning about the
topic as it relates to the Fluent Bit project.
DevOps Cafe Ep 79 - Guests: Joseph Jacks and Ben Kehoe
(Mon, 13 Aug 2018)
Triggered by Google Next 2018, John and Damon chat with Joseph Jacks (stealth startup) and Ben Kehoe (iRobot) about their public disagreements — and agreements — about Kubernetes and
Serverless.
DevOps Cafe Ep 78 - Guest: J. Paul Reed
(Mon, 23 Jul 2018)
John and Damon chat with J. Paul Reed (Release Engineering Approaches) about the field of Systems Safety and Human Factors, which studies why accidents happen and how to minimize their occurrence and
impact.
Show notes at http://devopscafe.org
DevOps Cafe Ep. 77 - Damon interviews John
(Wed, 20 Jun 2018)
A new season of DevOps Cafe is here. The topic of this episode is "DevSecOps." Damon interviews John about what this term means, why it matters now, and the overall state of security.
Show notes at http://devopscafe.org