It is interesting to see how companies and organizations believe that their mobile application source code is a protected asset. Protected asset due to compiled code files. With just a few tools and technics, it is surprisingly easy to decompile and withdraw a mobile application's source code.

NB! These are tools and techniques ethical and malicious hackers use. This post will give an insight from the perspective of a pentester.

I will in this blogpost give a brief insight on how.

By installing a mobile application to your phone, a file (APK, XAPK, IPA & APPX) gets downloaded and saved…


Zero Trust (ZT), Endpoint protection (EPP), and Cloud Access Security Broker (CASB) are topics this article will touch upon related to hardening an organization’s security in its modern IT-ecosystem.

As a result of global, national, and local regulations, workforces have been moved out of traditional office buildings, networks and into their homes, while consumer’s demand for online stores and home delivery has skyrocketed due to national lockdown and social distancing. Many businesses have moved into the cloud area as a response to the “New Normal”. In the context of a new normal, the adoption of new strategies, technology platforms, devices…


In today’s application development, it is common to encounter terms like microservices, containers, virtual machines (VMs), orchestrations, and last but not least cloud computing. I will, in corporation with Giridhar Srinivasan, give an introduction to these topics.

Microservices

In the development of an app for your company, your product, or service, decisions need to be made on the application’s foundation — its architecture.

Microservices, also known as microservice architecture, is one of many application architectures. This architectural style breaks an application into a series of modules, each responsible for a unique function, yet gives the end-user a cohesive experience.

The microservice…


This article will give you a small introduction to DevOps, DevSecOps, and DataOps.Let’s break the terms down to details:

· DevOps = Development and Operations.

· DevSecOps = Development, Security, and Operations.

· DataOps = Data and Operations.

Usually, these terms are associated with approaches to Software Development and IT-Operation-, projects, and teams solely. But from what I have understood, it has a more significant potential to impact the way of doing business in the 20th century. So why is it so important to know about concepts associating with a software development approach?

Because today more or less, everything happens…


Data security in Azure Cloud and SQL environment

What is better than automation and security while developing code and digital products?

“While the goal of DevOps Services automation is to help development teams in faster deployment and monitoring of applications, DevSecOps adds security to the automation and contributes to enhancing the quality and efficiency of the software.”

(anchore.com)

A step towards DevSecOps approach is to use Azure Resource Manager deployment model and configure Vulnerability Assessment Baseline Rules for SQL server and database. Let’s take a look at how and why we do just that.

Activate, set and configure Vulnerability Assessments Baseline…

Sanna Diana Tomren

Passion for technology, from back-end code to leadership

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store