56,283 questions
Advice
0
votes
0
replies
32
views
External data sharing onelake security
I'm looking for some clarification on how OneLake Security is intended to work with External Data Sharing.
The Microsoft documentation states that an external data share creates a read-only OneLake ...
Best practices
3
votes
2
replies
113
views
how to protect PC against supply chain attacks?
Trying to hear about different patterns/methods users protect their systems against opportunistic supply chain attacks on their PCs, not servers.
One major exposure that I -- and I assume many others -...
Score of 0
0 answers
47 views
Windows Security Application Control policy blocks a file intermittently [closed]
My application Trados Studio 2019 intermittently fails to open because "an Application Control policy has blocked a file (HRESULT 0x800711C7) because a file or assembly could not be loaded". ...
Advice
2
votes
0
replies
101
views
Where to learn agentic AI systems and cybersecurity with aligning with the latest trend
I want to learn Agentic AI systems and Cybersecurity using a project-based approach rather than only theory.
I am interested in:
AI agents and agentic workflows
Multi-agent systems
RAG (Retrieval-...
Score of 0
1 answer
108 views
Is it possible to get PasswordEncoder bean from UserDetailsService bean?
Probably most of the Spring Boot applications developers know it and use it in their WebSecurityConfigurerAdapter extensions:
@Override
public void configure(AuthenticationManagerBuilder auth) throws ...
Advice
2
votes
5
replies
129
views
Cybersecurity advice
I've been working towards learning cybersecurity....And as i learned I found that this is a very interesting topic and I became addicted to it...I am a btech student so I know the basics of networking,...
Best practices
0
votes
0
replies
66
views
Security Maturity Reduction Value in Cybersecurity Risk Assessment
What is the recommended methodology for calculating Security Maturity Reduction Value during a Cybersecurity Risk Assessment for critical infrastructure, and how should it be incorporated into overall ...
Advice
1
vote
2
replies
104
views
AWS-SSM vs SSH (security)
There's been a recent argument being made that SSM is safer (or more secure) than SSH. While this may be true for very specific cases, I tend to disagree with the blanketing statement that SSM is ...
Advice
0
votes
1
replies
76
views
Is Spring Security 5.2.9.RELEASE affected by CVE-2026-22732?
Hello Spring Security team,
I have a question regarding CVE-2026-22732.
According to the advisory, the affected versions are listed as:
5.7.0 through 5.7.21
5.8.0 through 5.8.23
6.3.0 through 6.3....
Advice
0
votes
3
replies
89
views
Frontend vs. Backend for simple unit conversion logic (UX & Security best practices)?
I'm implementing an area unit conversion tool on a website. Users will input a value in "Ping" (a local area unit, 1 ping ≈ 3.3058 m²), and the page will convert it to square meters and ...
Best practices
2
votes
1
replies
73
views
What does a practical implementation of authentication for an internal company app look like?
I'm working on architecting an internal app for my company that will have a separate frontend and backend and will use our IdP (Okta) for login. My initial idea is to have frontend have users log in ...
Best practices
1
vote
12
replies
162
views
Generate x509 Certificate in Java
I'm looking for a free Java code to generate an in-memory x509 security certificate v.3, not a certificate file on the disk. Should support extensions and RSA algo.
I need a low-level Java code, ...
Score of 0
1 answer
189 views
How to enforce server-side file validation when using Supabase Storage client-side upload in Next.js?
I have a Next.js app (App Router) with two separate upload paths for a gallery feature, and I realized my server-side security checks are being bypassed.
The secure path (Server Action) - validates ...
Tooling
0
votes
0
replies
72
views
Architecture review: Locally hosted web app with VPN access for confidential business data
I am building a custom business tracking application from scratch for a client. Due to strict Private and Confidential (PnC) data requirements, the client has mandated that the application and ...
Advice
1
vote
0
replies
131
views
How Can I Start a Career in Cybersecurity Without Professional Experience?
I’m interested in starting a career in cybersecurity, but I’m not sure what the best path is to get into the field. I know cybersecurity is a broad area, and I would like to understand what skills, ...