Life Before Docker and Beyond – A Brief History of Container Security

Containers have been around for over a decade. Yet before Docker’s explosive success beginning in 2013 they were not wide-spread or well-known. Long gone are the days of chroot, containers are all the rage, and with them we have a

Data Protection Impact Assessment
A quantitative approach to Data Protection Impact Assessment

Everyone is already familiar with the expression “data is the new oil”. Ever-increasing amounts of information are produced, stored, processed and transferred enabling products and services across all industries. A substantial amount of this information relates to an identified or

DNS security privacy
DNS security and privacy issues and how to avoid them

Even if you use HTTPS, your browsing habits can still be tracked by observing your DNS queries. Besides the lack of confidentiality, plain old DNS doesn’t provide data integrity and authenticity either. This article discusses DNS security and privacy and

Linux container security
An overview of Linux container security

Containers are often treated as if they were virtual machines which is far from the truth, they are a lot less isolated from the host system. However, there are a myriad of ways to enhance isolation. This blog post will

smart pointers
Not so smart pointers

Even though modern C++ ( the standard since C++11) has made programming in this language much more secure, it also introduced new vulnerabilities hidden under its layers of abstractions. In C and older versions of C++, the concept of pointers

smart contract security
Smart Contract Security

Blockchain-based platforms are becoming increasingly popular due to their ability to maintain a public distributed ledger, providing reliability, integrity, and auditability for transactions without a trusted entity. Early blockchain platforms, such as Bitcoin, focused solely on creating cryptocurrencies and payment

Secure development with Spring Framework

In the past decade, Spring Framework became a well established and prominent web framework for developing Java applications. The most exciting and essential changes in the Spring ecosystem was the birth and progression of Spring Boot. No matter what you

Ansible for infrastructure automation
How to automate your infrastructure with Ansible in a secure way?

In this article we will cover how to use Ansible for infrastructure automation. Here at Avatao, we are big believers in infrastructure-as-code which is a way of infrastructure automation using the practices from software development. Setup tasks, configuration, identity, and

Semancat versioning

Tackling the versioning pains of a greenfield project with cats. New projects can force us, developers to face certain challenges that we won’t even have to think about when working on an already existing codebase. These include stuff like “how

git security
Git security best practices

In this article we will discuss different methods to avoid common pitfalls in terms of Git security. We live in a world where it is hard not to know Git, the most popular Distributed Version Control System (DVCS). Free and