The first is Broken Access Control
Posted: Sat Dec 14, 2024 10:49 am
As applications mature, we see increased sophistication and complexity. The attack surface is growing. Applications no longer have just a traditional web interface; they have general APIs that are used by mobile apps and other applications created by third parties. This includes usage that API developers may not have anticipated and they need to learn to identify cracks in systems. They must expect the unexpected. Those vendors that get it right, and particularly those that italy mobile number search get it right on the first try, will be the winners in 2022.
The second is vulnerable and outdated components . Components are popular because they speed up development and reduce maintenance cost, but the inevitable flip side is the disconnect between component developers and component users. This is also a case of a larger attack surface, and one that is particularly profitable to exploit, because a vulnerable component used by many vendors is a component that could yield many potential victims. Ecosystems are stepping up their responses to this. One example is GitHub’s Dependabot, there are many others. 2022 will see increased innovation and maturity in the discovery and fixing of component vulnerabilities.
The introduction of standards such as the EU GDPR has greatly improved the transparency of privacy issues and the ability of the end user to choose what they agree to. It is no longer a matter of take it or leave it, but this space is not standardised and that leads to privacy fatigue – we are fed up with having to go through these dialog boxes for every website. This is only made worse by offers to join mailing lists and requests for user surveys. All of this is ripe for open standards, which can be implemented in web browsers and mobile devices. It won’t happen without resistance, but 2022 could see a development in this direction.
The new monolith and blockchains from hype to reality
Jani Tarvainen, Senior Developer Advocate
The age-old battle between monolithic and microservices architectures continues. We've already grown accustomed to consuming microservices via APIs and they're not going anywhere, but one trend that's coming is the "new monolith." This means a new generation of frameworks that are more opinionated and take a step towards traditional back-end frameworks like Django, Rails, Spring, and Symfony.
The second is vulnerable and outdated components . Components are popular because they speed up development and reduce maintenance cost, but the inevitable flip side is the disconnect between component developers and component users. This is also a case of a larger attack surface, and one that is particularly profitable to exploit, because a vulnerable component used by many vendors is a component that could yield many potential victims. Ecosystems are stepping up their responses to this. One example is GitHub’s Dependabot, there are many others. 2022 will see increased innovation and maturity in the discovery and fixing of component vulnerabilities.
The introduction of standards such as the EU GDPR has greatly improved the transparency of privacy issues and the ability of the end user to choose what they agree to. It is no longer a matter of take it or leave it, but this space is not standardised and that leads to privacy fatigue – we are fed up with having to go through these dialog boxes for every website. This is only made worse by offers to join mailing lists and requests for user surveys. All of this is ripe for open standards, which can be implemented in web browsers and mobile devices. It won’t happen without resistance, but 2022 could see a development in this direction.
The new monolith and blockchains from hype to reality
Jani Tarvainen, Senior Developer Advocate
The age-old battle between monolithic and microservices architectures continues. We've already grown accustomed to consuming microservices via APIs and they're not going anywhere, but one trend that's coming is the "new monolith." This means a new generation of frameworks that are more opinionated and take a step towards traditional back-end frameworks like Django, Rails, Spring, and Symfony.