Arpit Mohan

Posted on • Originally published at insnippets.com

Tips for container, DNS & database security

TL;DR style notes from articles I read today.

3 steps toward improving container security

  • Vet the use of code from online sources. Use discovery tools to manage and scale up containers securely with runtime protection.
  • Focus on how you build access rules and permissions. Work out the level of granularity you need from day one.
  • Harden the container host with policies to prevent resource abuse. Use access control groups, and run containers with read-only images.
  • Secure content inside containers by limiting the Linux OS features running within them.
  • Enforce image source integrity protection to track content changes and determine who made them.

Full post here, 5 mins read
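
As an added example (not from the original post or the linked article), here is one way to check running containers against the hardening points above by auditing `docker inspect` JSON. It assumes that "access control groups" maps to cgroup limits (`Memory`, `PidsLimit`), that "Linux OS features" maps to capabilities and privileged mode, and that image integrity means pinning by digest; the sample records and the `registry.example` name are constructed.

```python
import json

# Constructed sample shaped like `docker inspect` output (two containers).
SAMPLE_INSPECT = json.loads("""
[
  {"Name": "/web",
   "Config": {"Image": "nginx:latest"},
   "HostConfig": {"ReadonlyRootfs": false, "Privileged": true,
                  "CapDrop": null, "CapAdd": ["SYS_ADMIN"],
                  "Memory": 0, "PidsLimit": null}},
  {"Name": "/api",
   "Config": {"Image": "registry.example/api@sha256:<digest-placeholder>"},
   "HostConfig": {"ReadonlyRootfs": true, "Privileged": false,
                  "CapDrop": ["ALL"], "CapAdd": null,
                  "Memory": 268435456, "PidsLimit": 128}}
]
""")


def audit_container(c):
    """Return a list of hardening findings for one inspect record."""
    host = c.get("HostConfig") or {}
    image = (c.get("Config") or {}).get("Image", "")
    findings = []
    if not host.get("ReadonlyRootfs"):
        findings.append("root filesystem is writable")
    if host.get("Privileged"):
        findings.append("runs privileged")
    if "ALL" not in [x.upper() for x in (host.get("CapDrop") or [])]:
        findings.append("does not drop all capabilities")
    if host.get("CapAdd"):
        findings.append("adds capabilities: " + ", ".join(host["CapAdd"]))
    if not host.get("Memory"):  # 0 means no cgroup memory limit
        findings.append("no memory limit")
    if (host.get("PidsLimit") or 0) <= 0:  # null, 0 and -1 mean unlimited
        findings.append("no pids limit")
    if "@sha256:" not in image:  # a tag can be repointed, a digest cannot
        findings.append("image not pinned by digest: " + image)
    return findings


def audit(containers):
    """Map container name -> list of findings (empty list means clean)."""
    return {c.get("Name", "?").lstrip("/"): audit_container(c) for c in containers}


if __name__ == "__main__":
    for name, findings in audit(SAMPLE_INSPECT).items():
        print(name, "OK" if not findings else findings)
```

To run it against a live host, replace `SAMPLE_INSPECT` with the parsed output of `docker inspect` for the containers you want to check.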


Five strategies to remove single points of DNS failure

  • Stay aware of trends that can compromise the 13 root name servers.
  • Choose a top-level domain more likely to stay up under large-scale attacks or software faults, unlikely to change hands and with significant investment in infrastructure.
  • Choose a DNS provider that uses Anycast and is large and scalable; use a different company to service your endpoints.
  • Keep track of expiration dates of domains and SSL certificates.
  • Don’t couple your endpoints and DNS zone control in one provider.

Full post here, 11 mins read


Secure databases in complex backend systems with these 5 best practices

  • Keep application and database servers on different physical machines, with a high-performance host for the apps & high-level security for databases.
  • Set up web application firewalls, and anti-malware & anti-ransomware solutions for the database server and review them regularly. Turn off any services not frequently used.
  • Encrypt data residing on servers with a private key and also encrypt before transit.
  • Limit the number of users accessing the database. Allow access only when required. Maintain and monitor activity logs. Keep database credentials hashed and salted.
  • Patch the OS and third-party software, APIs and plug-ins using the latest versions. Remove or deactivate unused apps.
  • Schedule regular backups and use a database proxy to accept requests only from trusted sources.


Full post here, 6 mins read


Get these TL;DR style notes directly to your inbox every weekday by signing up for my newsletter, in.snippets(), here.
