Could the Equifax Hack Have Been Prevented by a Microservices Architecture?

David Pitt Architecture, Articles, DevOps, Java, Microservices, Opinion, Security Leave a Comment

When I heard that the Struts Open Source framework played a role in the recent Equifax hack, I wanted to do some research to understand how it happened. Struts is a commonly-used Java framework that I have applied in the past. And Iโ€™m not alone in that: it is reported that in 65% of Fortune 500 companies currently implement Struts in some way.

So, I did a little digging and performed a thought experiment asking myself the following question: โ€œIf Equifax had a pure-play Microservices Architecture in place, would it have solved the problem?โ€

JSON Web Tokens

JSON Web Tokens With Spring Cloud Microservices

Thomas Kendall Articles, Java, JavaScript, Microservices, Security, Spring, Tutorial 6 Comments

Attention: This article was published over 10 years ago, and the information provided may be aged or outdated. While some topics are evergreen, technology moves fast, so please keep that in mind as you read the post.At Keyhole, we have published several blogs about Microservices. We’ve talked about architectural patterns used in a Microservices environment such as service discovery and …

Don’t just randomize, truly randomize!

Vince Pendergrass Articles, Development Technologies & Tools, Java, JavaScript, Security Leave a Comment

Attention: This article was published over 12 years ago, and the information provided may be aged or outdated. While some topics are evergreen, technology moves fast, so please keep that in mind as you read the post.The state of web application cryptography has changed, and each development language provides its own way of working with it. I will touch on …

Top 10 Web Application Security Risks From OWASP

Todd Horn Articles, Security Leave a Comment

Attention: This article was published over 13 years ago, and the information provided may be aged or outdated. While some topics are evergreen, technology moves fast, so please keep that in mind as you read the post.The Open Web Application Security Project (OWASP) is a worldwide not-for-profit charitable organization focused on improving the security of software. Its mission is to …