In software development, understanding common software security issues and how to prevent them is crucial. At Keyhole, we understand the importance of prioritizing security right from the project’s inception. This approach is not just a recommendation but a necessity in today’s digital landscape. Integrating security measures from the start significantly reduces the risk of encountering …
What are the Common Security Issues in Cloud Computing for Businesses?
As an expert-driven software development and consulting firm, we prioritize knowledge sharing, client-focused delivery, and a commitment to modern technology solutions. In this spirit, we address a critical aspect of today’s business landscape: common security issues in cloud computing for businesses. This topic, often neglected or misunderstood, can be the difference between a thriving enterprise and a cautionary tale. Preventing …
Part 1: Creating an FHIR API – Google or Azure?
Data interoperability is one of the hardest problems in Healthcare IT. The most popular approach is to exchange HL7v2 messages between systems. These pipe-delimited messages are difficult for a human to read and often need additional customizations between implementations.
The next major paradigm shift is towards FHIR (Fast Healthcare Interoperability Resources), a JSON-based standard that is evolving ahead of the needs of the industry. Cloud vendors like Microsoft, Amazon, and Google are trying to lay their claim to be the one-stop shop for healthcare on the cloud.
This blog is part of a four-part series diving into an actual use case I recently encountered while working with a client. I had to stand up an FHIR repository/API for 2+ million patients that could be used by hundreds of users every day, as well as countless background processes.
White Paper: Security Best Practices in Application Development
This white paper provides key takeaways for application stewards and software leaders to improve application security, with examples of common application security liabilities and suggestions for remediation. Topics include:
An in-depth look into Security Culture and the importance of the people element in adopting a security-first outlook.
An explanation of common application practices we frequently see in the wild that can be inherently risky, with suggestions for best practices.
A security checklist to determine critical areas of higher risk to prioritize in your journey to a more secure application.
An explanation of the security Surface Area and how to minimize it starting from your source code.
Strategies to protect Authentication and Authorization and a comparison between Third-Party solutions and rolling your own auth.
A deep dive into built-in Application Security and an exploration of strategies that might help your business, including Network-Level Security, WAF, Payload Encryption, SSL, Cloud Configuration, and SIEM…
Top Security Mistakes to Avoid in AppDev
Developing custom applications is one of the hardest professional endeavors, and making them secure is even harder. Malicious actors are constantly changing tactics and strategies, which, unfortunately, makes it impossible to completely eliminate any security threat.
There needs to be a balance between delivering features quickly to meet business objectives and mitigating security risks. Thankfully, these two goals are not mutually exclusive. This blog post dives into the top mistakes that can be made while developing custom applications.
These recommendations are different from what would commonly be seen in an OWASP list, and they should be used in addition to whatever security practices and procedures an organization’s infosec department already has in place. These recommendations are also written from an application architect’s perspective rather than an enterprise infrastructure perspective, so most of them aren’t covered by existing security checklists.








