DEV Community

Arpit Mohan
Arpit Mohan

Posted on • Originally published at insnippets.com

Tips for container, DNS & database security

#todayilearned #security #database

TL;DR style notes from articles I read today.

3 steps toward improving container security

  • Vet the use of code from online sources. Use discovery tools to manage and scale up containers securely with runtime protection.
  • Focus on how you build access rules and permissions. Understand the level of granularity needed right from day one to build this.
  • Harden the container host with policies to prevent resource abuse. Use access control groups, and run containers with read-only images.
  • Secure content inside containers by limiting Linux OS features running within it.
  • Enforce image source integrity protection to track content changes and determine who made them.

Full post here, 5 mins read

Five strategies to remove single points of DNS failure

  • Stay aware of trends that can compromise the 13 root name servers.
  • Choose a top-level domain more likely to stay up under large-scale attacks or software faults, unlikely to change hands and with significant investment in infrastructure.
  • Choose a DNS provider that uses Anycast and is large and scalable; use a different company to service your endpoints.
  • Keep track of expiration dates of domains and SSL certificates.
  • Don’t couple your endpoints and DNS zone control in one provider.

Full post here, 11 mins read

Secure databases in complex backend systems with these 5 best practices

  • Keep application and database servers on different physical machines, with a high-performance host for the apps & high-level security for databases.
  • Set up web application firewalls, and anti-malware & anti-ransomware solutions for the database server and review them regularly. Turn off any services not frequently used.
  • Encrypt data residing on servers with a private key and also encrypt before transit.
  • Limit the number of users accessing the database. Allow access only when required. Maintain and monitor activity logs. Keep database credentials hashed and salted.
  • Patch the OS and third-party software, APIs and plug-ins using the latest versions. Remove or deactivate unused apps.
  • Schedule regular backups and use a database proxy to accept requests only from trusted sources.


Full post here, 6 mins read

Get these TL;DR style notes directly to your inbox every weekday by signing up for my newsletter, in.snippets(), here.

Top comments (0)

Read next

leandro_nnz profile image

PostgreSQL or MySQL: What Should I Choose for My Full-Stack Project?

Leandro Nuñez -

craigmcl profile image

The good, the bad and the ugly of the XZ vulnerability (CVE 2024-3094)

Craig McLuckie -

pragativerma18 profile image

How to Handle N+1 Queries for Optimal Database Performance in Django?

Pragati Verma -

davidmyriel profile image

Qdrant 1.8.0 - Major Performance Enhancements

David Myriel -