Tagged articles

71 articles

Page 1 of 1

Apr 17, 2026 · Information Security

Why Sharing a Root Account Is a Critical Security Risk and How to Replace It

The article analyzes the severe security, audit, and operational problems caused by using a shared root account on Linux servers, illustrates real incidents, and provides detailed migration steps, sudo‑based alternatives, audit‑d configurations, and bastion‑host solutions to enforce least‑privilege access.

Bastion HostLinuxPrivilege Management

0 likes · 31 min read

Why Sharing a Root Account Is a Critical Security Risk and How to Replace It

Lao Guo's Learning Space

Mar 31, 2026 · Information Security

OpenClaw Security Hardening: Complete Guide to Protect API Keys and Enforce Least‑Privilege

This guide details why OpenClaw’s high‑privilege capabilities make API keys a critical asset, presents concrete risk scenarios, and walks through practical key management, permission controls, network hardening, data privacy, auditing, and configuration templates to secure AI agent deployments.

API SecurityOpenClawaudit

0 likes · 14 min read

OpenClaw Security Hardening: Complete Guide to Protect API Keys and Enforce Least‑Privilege

Ops Community

Feb 25, 2026 · Databases

Hardening MySQL 8.4: Permissions, SSL, Auditing & Compliance Guide

This guide provides a step‑by‑step, production‑ready hardening plan for MySQL 8.4, covering permission hierarchy design, strong password policies, audit‑log configuration, TLS encryption, network access controls, firewall rules, backup scripts, monitoring metrics, and best‑practice recommendations to meet PCI‑DSS and Chinese GB/T 22239 compliance.

HardeningPermissionsTLS

0 likes · 27 min read

Hardening MySQL 8.4: Permissions, SSL, Auditing & Compliance Guide

Ray's Galactic Tech

Dec 11, 2025 · Cloud Native

Prevent Catastrophic Kubernetes Deletions with a Dual‑Layer Authorization & Validation System

This guide explains why a careless "kubectl delete" can cripple an entire production cluster and presents a practical, production‑ready dual‑layer protection strategy—RBAC‑based authorization plus a validating webhook—along with tooling, audit policies, and step‑by‑step implementation details to dramatically reduce accidental deletion risk.

RBACValidatingWebhookaudit

0 likes · 9 min read

Prevent Catastrophic Kubernetes Deletions with a Dual‑Layer Authorization & Validation System

Xiao Liu Lab

Oct 30, 2025 · Information Security

Essential Linux Security Baseline for Tier‑3 Compliance: Step‑by‑Step Guide

This article provides a comprehensive, step‑by‑step Linux security baseline for Tier‑3 compliance, covering password policies, login controls, access restrictions, audit logging, intrusion prevention, patch management, and resource limits, complete with executable commands for major distributions.

LinuxPassword policySystem Hardening

0 likes · 9 min read

Essential Linux Security Baseline for Tier‑3 Compliance: Step‑by‑Step Guide

Raymond Ops

Oct 28, 2025 · Operations

Master JumpServer Bastion Host: Installation, Configuration, and Usage Guide

This comprehensive guide explains why a bastion host is needed, outlines JumpServer's core features, and provides step‑by‑step instructions for installing, configuring, managing users and assets, setting up command filtering, auditing sessions, and configuring email notifications.

Bastion HostConfigurationInstallation

0 likes · 12 min read

Master JumpServer Bastion Host: Installation, Configuration, and Usage Guide

Liangxu Linux

Oct 1, 2025 · Information Security

How Can Companies Prevent Employees from Leaking Source Code? Practical Strategies

This article compiles several expert answers on protecting corporate source code from employee leakage, covering monetary incentives, permission segmentation, strict auditing, sandbox/virtualization solutions, cost‑benefit considerations, and why most internal code may not be worth heavy protection.

Information SecurityVirtualizationaccess control

0 likes · 6 min read

How Can Companies Prevent Employees from Leaking Source Code? Practical Strategies

Code Wrench

Sep 18, 2025 · Backend Development

Master GORM Plugins: Build an Asynchronous Audit Log Extension in Go

Learn how to extend GORM with custom plugins by implementing the Plugin interface, registering lifecycle callbacks, and creating an asynchronous audit‑log module that records Create, Update, Delete, and Query actions to a dedicated table, with configurable batch size, flush interval, and buffer settings.

GORMGoORM

0 likes · 10 min read

Master GORM Plugins: Build an Asynchronous Audit Log Extension in Go

Go Development Architecture Practice

Sep 3, 2025 · Information Security

Why Every Organization Needs a Bastion Host: Design, Features, and Deployment Strategies

This article explains what a bastion host is, why it evolved from jump servers, its 4A design principles, key goals, core functional modules, authentication methods, operation modes, deployment options, and highlights open‑source solutions for secure and auditable remote access.

Bastion HostOperationsaudit

0 likes · 9 min read

Why Every Organization Needs a Bastion Host: Design, Features, and Deployment Strategies

Ops Development & AI Practice

Jun 30, 2025 · Operations

How to Build a Near‑Impenetrable Host Security & Audit System on AWS

This guide explains how to replace traditional bastion hosts with AWS Systems Manager Session Manager and CloudWatch Agent, detailing IAM role setup, session logging, and log collection to achieve key‑less, port‑free access, fine‑grained permissions, and centralized, tamper‑proof audit logs for EC2 instances.

AWSCloudWatchEC2

0 likes · 9 min read

How to Build a Near‑Impenetrable Host Security & Audit System on AWS

MaGe Linux Operations

May 31, 2025 · Information Security

Master JumpServer: Complete Guide to Installing, Configuring, and Using a Bastion Host

This comprehensive guide explains what a bastion host is, why it’s needed, its core functions, and provides step‑by‑step instructions for downloading, installing, configuring, and operating JumpServer—including user and asset management, command filtering, audit tools, and email integration—so you can secure privileged access and simplify operations.

Bastion HostInstallationJumpServer

0 likes · 13 min read

Master JumpServer: Complete Guide to Installing, Configuring, and Using a Bastion Host

Liangxu Linux

Apr 28, 2025 · Information Security

How to Harden Linux Servers for Tier‑3 Security Compliance with Open‑Source Scripts

This guide explains the purpose of China's tiered security protection for Linux servers, outlines key requirements such as identity verification, access control, auditing, intrusion prevention, and provides step‑by‑step usage instructions for two open‑source scripts that automate checking and hardening on Red Hat/CentOS systems.

Tier 3auditopen‑source

0 likes · 8 min read

How to Harden Linux Servers for Tier‑3 Security Compliance with Open‑Source Scripts

21CTO

Apr 19, 2025 · Backend Development

What Critical Vulnerabilities Were Fixed in PHP 8.4.6? Inside the Core Security Audit

The PHP Foundation released a security audit of the php‑src core, revealing several high‑severity CVEs that were patched in version 8.4.6, detailing the affected components, audit scope, and overall assessment of PHP's security posture.

OpenSSLVulnerabilityaudit

0 likes · 5 min read

What Critical Vulnerabilities Were Fixed in PHP 8.4.6? Inside the Core Security Audit

Code Ape Tech Column

Apr 1, 2025 · Backend Development

Designing a Payment System State Machine and Status History Table

This article explains why payment systems need a state machine, details common payment statuses, illustrates typical state transition flows, describes the design of a status‑change history table, and provides implementation guidance using hand‑written code or Spring StateMachine to ensure maintainability, auditability, and robust handling of exceptional scenarios.

auditpaymentstate machine

0 likes · 14 min read

Designing a Payment System State Machine and Status History Table

Efficient Ops

Nov 13, 2024 · Information Security

How Leading Companies Stop Insider Data Theft: Real Ops & Security Practices

This article compiles practical insights from Zhihu discussions and real‑world experience on preventing insider spying and tampering with databases, covering least‑privilege policies, mutual supervision, strict access controls, audit mechanisms, and cultural factors that shape effective information security operations.

Database SecurityInformation Securityaccess control

0 likes · 11 min read

How Leading Companies Stop Insider Data Theft: Real Ops & Security Practices

Data Thinking Notes

Oct 14, 2024 · Information Security

12 Critical Data Security Risks Every Enterprise Must Address

From data lifecycle vulnerabilities to inadequate audit coverage, API misconfigurations, weak privileged access, and insufficient encryption, this article outlines twelve common data security risks and their real‑world impacts, helping organizations identify and remediate gaps before breaches occur.

access controlauditdata security

0 likes · 21 min read

12 Critical Data Security Risks Every Enterprise Must Address

Full-Stack DevOps & Kubernetes

Sep 21, 2024 · Information Security

Essential Linux Hardening: Firewall, Permissions, Auditing, and IDS Guide

Learn how to secure a Linux server by configuring firewalls with iptables and firewalld, managing user permissions, setting up auditd, applying automatic updates, and deploying intrusion detection tools like OSSEC and AIDE, plus a step‑by‑step response workflow for real‑world attack scenarios.

HardeningIDSLinux

0 likes · 8 min read

Essential Linux Hardening: Firewall, Permissions, Auditing, and IDS Guide

Linux Cloud Computing Practice

Sep 11, 2024 · Information Security

Secure Your Linux Servers with Free Check and Protective Shell Scripts

This guide introduces two open‑source shell scripts—CentOS_Check_Script and CentOS_Protective_Script—designed to enforce security hardening on Red Hat/CentOS systems, covering password policies, audit log protection, user management, and various security controls, with usage instructions and download links.

HardeningLinuxaudit

0 likes · 6 min read

Secure Your Linux Servers with Free Check and Protective Shell Scripts

Ops Development & AI Practice

Jul 19, 2024 · Fundamentals

How to Record PowerShell Sessions with Start-Transcript

This guide explains how to use PowerShell's Start-Transcript command to capture all input and output of a session, covering basic usage, specifying output files, append mode, error capture, and practical scenarios like debugging, auditing, and training.

PowerShellStart-Transcriptaudit

0 likes · 5 min read

How to Record PowerShell Sessions with Start-Transcript

Architecture Digest

Jun 14, 2024 · Information Security

Oracle Expands Java License Audits to Fortune 200 Companies and What It Means for Developers

Oracle has begun sending Java license audit letters to Fortune 200 firms, shifting from its previous focus on small companies, while its new per‑employee pricing model and aggressive compliance checks spark criticism and push many developers toward alternative OpenJDK distributions.

EnterpriseOracleaudit

0 likes · 9 min read

Oracle Expands Java License Audits to Fortune 200 Companies and What It Means for Developers

Open Source Linux

May 13, 2024 · Information Security

What Is a Bastion Host and Why It’s Critical for Secure Operations

This article explains what a bastion host (jump server) is, why it evolved from traditional jump servers, its core 4A design (authentication, authorization, account, audit), deployment options, common features, authentication methods, and how open‑source and commercial solutions differ, helping organizations improve security and compliance.

AuthenticationBastion HostOperations

0 likes · 10 min read

What Is a Bastion Host and Why It’s Critical for Secure Operations

DataFunTalk

Apr 18, 2024 · Information Security

Kuaishou Big Data Security Platform: Architecture, Governance, and Practices

This article details Kuaishou's large‑scale data security platform, covering its background, architectural layers, authentication and permission models, full‑link audit, data classification and protection mechanisms, operational results, future road‑maps, and a Q&A session on practical challenges.

Kuaishouauditbig data security

0 likes · 14 min read

Kuaishou Big Data Security Platform: Architecture, Governance, and Practices

Top Architect

Feb 6, 2024 · Backend Development

Implementing an Audit Function with SpringBoot: Design Options, Database Schema, Backend Controllers, and Vue Frontend Integration

This article explains four audit implementation approaches, provides the SQL schema for the audit and file tables, shows complete SpringBoot controller code for handling audit operations and file uploads, and presents full Vue front‑end code for creating, editing, listing, and approving audit records, offering a comprehensive guide for backend developers.

FileUploadSpringBootVue

0 likes · 26 min read

Implementing an Audit Function with SpringBoot: Design Options, Database Schema, Backend Controllers, and Vue Frontend Integration

Top Architect

Jan 31, 2024 · Backend Development

Implementing an Audit Functionality with SpringBoot and Vue Frontend

This article provides a step‑by‑step guide on designing and implementing an audit feature using SpringBoot for the backend, MySQL for data storage, and Vue.js for the front‑end, covering multiple implementation strategies, database schema creation, RESTful APIs, file upload handling, and UI interaction details.

FileUploadREST APISpringBoot

0 likes · 20 min read

Implementing an Audit Functionality with SpringBoot and Vue Frontend

macrozheng

Dec 26, 2023 · Backend Development

Mastering JaVers: Java Object Versioning Made Simple

This article introduces JaVers, an open‑source Java framework for object versioning, outlines its key use cases, evaluates its strengths and weaknesses, and provides practical code examples for comparison, committing changes, and persisting audit data across various databases.

Persistenceauditjavers

0 likes · 9 min read

Mastering JaVers: Java Object Versioning Made Simple

Full-Stack DevOps & Kubernetes

Dec 23, 2023 · Cloud Native

Essential Kubernetes Security Practices to Safeguard Production Clusters

Learn the critical Kubernetes security measures for production environments, including RBAC access control, network policies, secret management, continuous monitoring, patch updates, API server hardening, Kubelet protection, pod security policies, and container hardening techniques, each illustrated with practical YAML examples and command snippets.

ContainerHardeningKubernetesNetworkPolicy

0 likes · 10 min read

Essential Kubernetes Security Practices to Safeguard Production Clusters

Top Architect

Aug 14, 2023 · Backend Development

Implementing an Audit Functionality with SpringBoot: Design Options and Complete Code Example

This article explains various approaches to implementing an audit feature in a SpringBoot application, compares their pros and cons, provides detailed SQL schema, Java backend controller code, and Vue frontend integration, and includes complete code snippets for database tables, file handling, and UI components.

FileUploadSpringBootVue

0 likes · 27 min read

Implementing an Audit Functionality with SpringBoot: Design Options and Complete Code Example

Top Architect

Aug 2, 2023 · Backend Development

Implementing an Audit Function in SpringBoot: Design Options and Full‑Stack Code Example

This article explains four design patterns for implementing an audit workflow, compares their advantages and disadvantages, and provides complete SpringBoot backend, MySQL table definitions, and Vue front‑end code to build a functional audit system with file upload support.

SpringBootVueaudit

0 likes · 23 min read

Implementing an Audit Function in SpringBoot: Design Options and Full‑Stack Code Example

dbaplus Community

Jul 19, 2023 · Databases

What’s New in MySQL 8.1 & 8.0.34? Key Features and Changes Explained

MySQL 8.1, the first innovation release, and the stable 8.0.34 bring a host of new capabilities—including JSON‑based EXPLAIN INTO, enhanced replication controls, expanded security variables, audit improvements, binary‑log functions, and several deprecations—while also fixing numerous bugs to solidify MySQL’s stability.

NewFeaturesReplicationaudit

0 likes · 9 min read

What’s New in MySQL 8.1 & 8.0.34? Key Features and Changes Explained

Java High-Performance Architecture

Jul 7, 2023 · Backend Development

How to Build a SpringBoot Audit System with Vue Frontend and File Upload

This article walks through four audit implementation strategies, provides the SQL schema and Java SpringBoot controller for an audit feature, shows how to integrate it with a Vue front‑end including file upload handling, and offers complete code snippets for both back‑end and front‑end components.

Java backendSpringBootVue

0 likes · 26 min read

How to Build a SpringBoot Audit System with Vue Frontend and File Upload

Aikesheng Open Source Community

Jun 10, 2023 · Databases

Weekly Tech Share Summary – SQL and Database Highlights

This weekly newsletter curates top industry tech articles covering SQL deployment capabilities, MySQL replication issues, LLM‑to‑SQL benchmarks, connection limit errors, OceanBase tracing, and provides an open‑source SQL quality management platform update with development progress and upcoming plans.

OceanBaseWeekly Summaryaudit

0 likes · 4 min read

Weekly Tech Share Summary – SQL and Database Highlights

Efficient Ops

May 7, 2023 · R&D Management

Why the New Software Process Quality Audit & Assurance Maturity Model Matters

The China Communications Standards Association announced the launch of the Software Process Quality Audit and Assurance Capability Maturity Model at its April 2023 TC1 meeting, outlining national quality initiatives, the model’s role in improving software governance, and a call for industry participation before May 19.

ChinaDigital GovernanceSoftware quality

0 likes · 5 min read

Why the New Software Process Quality Audit & Assurance Maturity Model Matters

Aikesheng Open Source Community

Apr 7, 2023 · Databases

SQLE 2.2304.0-pre1 Release Notes: Project Overview, New Feature Highlights, and Full Release Information

The SQLE 2.2304.0-pre1 release introduces a preview version of the SQL audit and quality control tool with detailed project information, enhanced suggestion features for audit results, and a concise list of new functionalities and release details for database users and administrators.

Release NotesSQLEaudit

0 likes · 5 min read

SQLE 2.2304.0-pre1 Release Notes: Project Overview, New Feature Highlights, and Full Release Information

DevOps Cloud Academy

Oct 29, 2022 · Databases

Why Understanding SQL Naming and Development Standards Matters

The article explains the importance of clear SQL naming conventions, table and index creation rules, and general syntax guidelines in database DevOps, highlighting developer resistance to audits, the rationale behind each rule, and how tools like Bytebase with VCS integration improve the review experience.

Database StandardsDevOpsaudit

0 likes · 11 min read

Why Understanding SQL Naming and Development Standards Matters

Aikesheng Open Source Community

Sep 9, 2022 · Databases

SQLE 1.2209.0-pre1 Release Notes and Feature Overview

The preview release SQLE 1.2209.0-pre1 introduces OceanBase TopSQL auditing, Alibaba Cloud RDS MySQL audit‑log support, and a sub‑query nesting rule, while providing project background, download links, demo environments, and a detailed list of new features and release notes for database professionals.

Database ToolsOceanBaseRDS

0 likes · 5 min read

SQLE 1.2209.0-pre1 Release Notes and Feature Overview

dbaplus Community

Jun 26, 2022 · Information Security

How to Build a Lightweight MySQL/MariaDB Audit Log Platform with LogAnalyzer

This guide explains how to set up a lightweight database audit log platform using MariaDB's audit plugin, Rsyslog, and the LogAnalyzer web interface, covering environment preparation, plugin installation, syslog forwarding, MySQL schema creation, and LogAnalyzer configuration for real‑time monitoring and compliance reporting.

Database SecurityLogAnalyzerMariaDB

0 likes · 11 min read

How to Build a Lightweight MySQL/MariaDB Audit Log Platform with LogAnalyzer

Aikesheng Open Source Community

Apr 11, 2022 · Databases

Developing a Custom Review Rule for SQLE (MySQL 5.7) – Step‑by‑Step Guide

This article walks through the complete process of creating a custom SQL audit rule in the open‑source SQLE platform, covering API authentication, request construction, response analysis, rule insertion into the database, and the necessary Go backend code implementation.

GoRule DevelopmentSQLE

0 likes · 9 min read

Developing a Custom Review Rule for SQLE (MySQL 5.7) – Step‑by‑Step Guide

Aikesheng Open Source Community

Feb 25, 2022 · Databases

SQLE 1.2202.0 Release Notes

The SQLE 1.2202.0 release introduces new user group and permission management, scoring for audit results, expanded support for MySQL, Oracle, Java application SQL capture, Db2 audit plugins, additional MySQL audit rules, UI optimizations, and several critical bug fixes.

DB2OracleRelease Notes

0 likes · 4 min read

Aikesheng Open Source Community

Jan 28, 2022 · Databases

SQLE 1.2201.0 Release Notes

The SQLE 1.2201.0 release introduces workflow optimizations, new MySQL and SQL Server audit rules, enhanced pre‑check capabilities, several UI improvements, and numerous bug fixes, while providing links to the source repository, documentation, and plugin development guide.

ReleaseNotesSQLEaudit

0 likes · 5 min read

Aikesheng Open Source Community

Jan 14, 2022 · Databases

SQLE 1.2201.0-pre2 Release Notes and Feature Overview

The SQLE 1.2201.0-pre2 preview release introduces a SQL Server audit plugin, version display enhancements, and per‑SQL remark support, while providing repository, documentation, and release links, and includes a note that the preview may not guarantee smooth upgrades.

SQLEauditdatabases

0 likes · 3 min read

SQLE 1.2201.0-pre2 Release Notes and Feature Overview

Aikesheng Open Source Community

Jan 7, 2022 · Databases

SQLE 1.2201.0-pre1 Release Notes – New Features, Fixes, and Resources

The preview release SQLE 1.2201.0-pre1 introduces audit workflow enhancements, fixes LDAP and MySQL schema issues, provides updated documentation and repository links, and offers several related reading links for the open‑source SQL audit tool aimed at database users and administrators.

Release NotesSQLEaudit

0 likes · 3 min read

SQLE 1.2201.0-pre1 Release Notes – New Features, Fixes, and Resources

Aikesheng Open Source Community

Dec 31, 2021 · Databases

SQLE 1.2112.0 Release Notes – New Features, Optimizations, and Bug Fixes

The SQLE 1.2112.0 release introduces index optimization, scheduled deployment, enhanced rule configuration, SQL autocomplete, cloud database support, several UI improvements, and a critical bug fix for rule‑crash issues, while providing links to the repository, documentation, and related resources.

Release Notesauditbug fix

0 likes · 4 min read

SQLE 1.2112.0 Release Notes – New Features, Optimizations, and Bug Fixes

Aikesheng Open Source Community

Nov 5, 2021 · Databases

SQLE 1.2111.0-pre1 Release Notes

The SQLE 1.2111.0-pre1 preview release introduces plugin-based support for arbitrary databases, provides a PostgreSQL plugin example, includes API adjustments, fixes a rule‑passing bug, and offers links to the source repository, documentation, and release information for users and administrators.

auditdatabasesplugin

0 likes · 3 min read

Aikesheng Open Source Community

Oct 29, 2021 · Databases

SQLE 1.2110.0-pre1 Release Notes

The pre‑release version 1.2110.0‑pre1 of the open‑source SQL audit tool SQLE is announced, detailing its project overview, repository links, new feature (Online DDL support), UI optimizations, and bug fixes, followed by promotional links and unrelated personal commentary.

SQLEauditopen‑source

0 likes · 3 min read

dbaplus Community

Aug 2, 2021 · Fundamentals

Master Linux History Command: Practical Tips to Boost Shell Efficiency

This guide explains how the Linux history mechanism works, shows essential commands for viewing, filtering, and replaying past commands, demonstrates timestamping, adjusting record limits, changing the history file, disabling logging, and shares a hidden trick for keeping sensitive commands out of the log.

BashLinuxShell

0 likes · 10 min read

Master Linux History Command: Practical Tips to Boost Shell Efficiency

Full-Stack Internet Architecture

Apr 20, 2021 · Operations

Practical Tips for Using the Linux History Command to Manage Command History

This article explains how to efficiently use the Linux history command, covering its underlying mechanism, basic usage, repeat execution, searching, interactive search, timestamp display, history size control, file name changes, disabling history, and a useful security tip, helping administrators improve productivity and auditability.

BashLinuxSysadmin

0 likes · 11 min read

Practical Tips for Using the Linux History Command to Manage Command History

Efficient Ops

Mar 3, 2021 · Information Security

How to Efficiently Audit Linux System Operations Without Overloading Logs

This article explains why detailed system operation logs are essential for security audits and troubleshooting, outlines filtering guidelines to avoid noisy data, and compares five Linux auditing methods—history, custom bash, snoopy, auditd, and eBPF—highlighting their strengths, limitations, and practical configuration examples.

AuditdLinuxaudit

0 likes · 13 min read

How to Efficiently Audit Linux System Operations Without Overloading Logs

Programmer DD

Jan 23, 2021 · Information Security

What Is a Bastion Host and Why It’s Essential for Secure Operations

This article explains the concept, purpose, design principles, core features, authentication methods, deployment options, and popular open‑source and commercial solutions of bastion hosts, highlighting how they centralize access control, audit operations, and improve overall IT security and compliance.

Bastion HostOperationsaccess control

0 likes · 9 min read

What Is a Bastion Host and Why It’s Essential for Secure Operations

Open Source Linux

Jan 11, 2021 · Information Security

How to Harden Linux Bash History: Timestamps, IP Logging, and Syslog Integration

This guide shows how to enrich Linux Bash history with execution timestamps, user and IP information, and forward logs to syslog or a remote server, improving auditability and protecting against tampering during security incident response.

BashLinuxaudit

0 likes · 5 min read

How to Harden Linux Bash History: Timestamps, IP Logging, and Syslog Integration

MaGe Linux Operations

Dec 30, 2020 · Information Security

How to Harden Bash History: Timestamps, IP Logging, and Syslog Integration

This guide explains how to enhance Linux Bash history logging by adding timestamps, recording user IPs and commands, configuring environment variables, and modifying Bash source to send history entries to syslog, ensuring more reliable audit trails for security incident response.

BashHistory LoggingLinux security

0 likes · 5 min read

How to Harden Bash History: Timestamps, IP Logging, and Syslog Integration

Architecture Digest

Dec 29, 2020 · Information Security

Understanding Bastion Hosts: Definition, Design Principles, Features, and Deployment Options

This article explains what a bastion host (jump server) is, why it is needed, its 4A design philosophy, core objectives, functional modules, authentication methods, common operation modes, additional features, various deployment architectures, and examples of commercial and open‑source solutions.

AuthenticationBastion Hostaudit

0 likes · 11 min read

Understanding Bastion Hosts: Definition, Design Principles, Features, and Deployment Options

MaGe Linux Operations

Dec 11, 2020 · Operations

Efficient Linux System Auditing: Tools, Filters, and Best Practices

Auditing Linux system operations can be streamlined by applying filtering rules to exclude noisy cron and daemon logs, avoiding sensitive command exposure, and choosing appropriate recording methods—such as history, custom bash, snoopy, auditd, or eBPF—each with distinct advantages, limitations, and configuration examples.

auditeBPFsecurity

0 likes · 13 min read

Efficient Linux System Auditing: Tools, Filters, and Best Practices

Programmer DD

Nov 17, 2020 · Information Security

Why Every Enterprise Needs a Bastion Host for Secure Access and Auditing

An in‑depth guide explains what a bastion host is, its 4A design (authentication, authorization, account, audit), core functions, common deployment models, authentication methods, and both commercial and open‑source options, highlighting how it centralizes control, enhances security, and streamlines operational compliance.

Bastion HostInformation Securityaccess control

0 likes · 9 min read

Why Every Enterprise Needs a Bastion Host for Secure Access and Auditing

Open Source Linux

Nov 16, 2020 · Information Security

What Is a Bastion Host and Why Your Organization Needs One

This article explains what a bastion host (jump server) is, its design principles, core functions, authentication methods, deployment options, and the value it brings to IT operations, helping organizations improve security, auditability, and compliance while reducing operational risk.

access controlaudit

0 likes · 10 min read

What Is a Bastion Host and Why Your Organization Needs One

Programmer DD

Sep 26, 2020 · Information Security

How to Build an Automated Security Compliance Auditing System with Django

This article introduces an open‑source security compliance auditing platform built with Django, MongoDB and Redis, detailing its architecture, data synchronization methods, configurable audit strategies, asset inventory, policy configuration, task scheduling, and provides deployment instructions and sample API usage for automating compliance checks across applications, databases and operating systems.

Djangoauditautomation

0 likes · 9 min read

How to Build an Automated Security Compliance Auditing System with Django

Efficient Ops

Jul 7, 2020 · Information Security

Securing Operations with JD Cloud’s Bastion Host: Design, Challenges & Deployment

This article reviews JD Cloud’s bastion host solution presented at the 2020 Global New‑Generation Software Engineering Summit, detailing the security challenges of modern operations, compliance requirements, design principles, cloud‑native architecture, and real‑world deployments in enterprises and finance.

Bastion HostCloud NativeIdentity Management

0 likes · 15 min read

Securing Operations with JD Cloud’s Bastion Host: Design, Challenges & Deployment

360 Tech Engineering

Jun 12, 2020 · Databases

Comparison of Open‑Source MySQL Audit Plugins: MariaDB, Percona, and McAfee

This article surveys MySQL audit capabilities, explains the limitations of general and binary logs, introduces several open‑source audit plugins with installation and configuration details, and compares MariaDB, Percona, and McAfee audit plugins in terms of granularity, log format, and performance impact.

Database SecurityMariaDBMcAfee

0 likes · 10 min read

Comparison of Open‑Source MySQL Audit Plugins: MariaDB, Percona, and McAfee

360 Zhihui Cloud Developer

Jun 10, 2020 · Databases

Which MySQL Audit Plugin Performs Best? A Deep Dive into MariaDB, Percona, and McAfee

This article surveys open‑source MySQL audit plugins, explains their installation and configuration, compares their features, performance impact, and logging formats, and provides practical examples to help you choose the most suitable audit solution for your database environment.

auditdatabasemysql

0 likes · 11 min read

Which MySQL Audit Plugin Performs Best? A Deep Dive into MariaDB, Percona, and McAfee

Meituan Technology Team

Feb 14, 2019 · Information Security

Design and Architecture of Meituan's Data Security Permission Platform

Meituan’s data security permission platform introduces a hierarchical, fine‑grained model that unifies approval, permission, and audit functions across business lines, using a plug‑in service layer, micro‑service architecture, and high‑availability mechanisms such as caching, load balancing, and distributed locks to protect data assets.

MicroservicesPermission Modelaccess control

0 likes · 17 min read

Design and Architecture of Meituan's Data Security Permission Platform

Tencent Cloud Developer

Dec 18, 2018 · Information Security

Designing a Relatively Secure Account System: Authentication, Authorization, and Auditing

Designing a relatively secure account system requires integrating strong multi-factor authentication, fine-grained authorization models like RBAC or ABAC, and continuous real-time and offline auditing to mitigate breaches, while recognizing that absolute security is impossible and ongoing vigilance is essential.

AuthenticationAuthorizationInformation Security

0 likes · 17 min read

Designing a Relatively Secure Account System: Authentication, Authorization, and Auditing

Tencent Cloud Developer

Nov 16, 2018 · Databases

Why Cloud Databases Beat Traditional Ones: Safety, Migration, and Analytics

The article compares traditional and cloud databases, outlines the performance and management benefits of Tencent Cloud's database SaaS, explains migration tools like DTS, details audit and data‑subscription features, and highlights future trends for cloud‑native data services.

Data SubscriptionTencent Cloudaudit

0 likes · 10 min read

Why Cloud Databases Beat Traditional Ones: Safety, Migration, and Analytics

MaGe Linux Operations

Mar 16, 2018 · Operations

How to Build a Low-Cost Bash and MySQL Audit System for Server Operations

Learn how to implement a cost-effective, high‑performance audit solution that records precise Bash and MySQL activity per user, integrates with syslog, handles remote execution, mitigates large‑log issues, and forwards logs to a centralized server for comprehensive operational visibility.

Bashauditlogging

0 likes · 12 min read

How to Build a Low-Cost Bash and MySQL Audit System for Server Operations

Architecture Digest

Oct 1, 2017 · Big Data

Kafka End-to-End Auditing: Overview of Chaperone, Confluent Control Center, and Kafka Monitor

This article explains Kafka end‑to‑end auditing, compares three products (Chaperone, Confluent Control Center, Kafka Monitor), describes timestamp and index embedding techniques, and outlines their architectures, metrics, and implementation details for detecting data loss, duplication, and latency.

Metricsauditbig-data

0 likes · 11 min read

Kafka End-to-End Auditing: Overview of Chaperone, Confluent Control Center, and Kafka Monitor

Tencent Cloud Developer

Feb 14, 2017 · Databases

TDSQL Audit Capability: Architecture, Kafka Integration, and Consistency Hash Implementation

TDSQL’s cloud‑based audit solution combines a three‑proxy high‑availability layer, Kafka’s O(1) persistent messaging, and a distributed audit‑server that uses consistent hashing and multi‑coroutine processing to consume data within seconds, while fault‑tolerant offsets, majority acknowledgments, and Tencent Cloud MongoDB storage ensure secure, ordered, scalable, and highly reliable audit logging.

KafkaMongoDBTDSQL

0 likes · 7 min read

TDSQL Audit Capability: Architecture, Kafka Integration, and Consistency Hash Implementation

Ctrip Technology

Oct 14, 2016 · Operations

Qunar Network Device Operations Platform: Architecture, Features, and Continuous Optimization

This article presents the design, implementation, and ongoing improvements of Qunar's network device operations platform, detailing its background, optimization strategies, permission model, automated tasks, monitoring capabilities, and how it enhances operational efficiency while reducing risk.

access controlauditautomation

0 likes · 7 min read

Qunar Network Device Operations Platform: Architecture, Features, and Continuous Optimization

ITPUB

Sep 14, 2016 · Operations

From IDC Selection to Salt Automation: A DevOps Engineer’s Practical Journey

This transcript shares a senior operations engineer’s step‑by‑step experience covering IDC and bandwidth selection, hardware checks, OS installation, initial configuration, migration from Puppet to Salt, user authentication, audit logging, and KVM virtualization, offering concrete tips and real‑world examples.

KVMPuppetSaltStack

0 likes · 12 min read

From IDC Selection to Salt Automation: A DevOps Engineer’s Practical Journey

AI Cyberspace

Jul 4, 2016 · Information Security

Master Linux Auditing: Essential Commands and Log Analysis Techniques

This guide explains essential Linux audit commands, log‑viewing techniques, user and process inspection methods, and additional checks such as file integrity, network monitoring, cron jobs, and backdoor detection, providing a comprehensive toolkit for system security and operations.

auditlog analysissecurity

0 likes · 9 min read

Master Linux Auditing: Essential Commands and Log Analysis Techniques

Big Data and Microservices

May 5, 2016 · Information Security

Essential Linux Security Audit Checklist: 11 Steps to Detect Compromise

This guide walks you through eleven systematic Linux security checks—including account inspection, log review, process analysis, file integrity, RPM verification, network monitoring, scheduled tasks, backdoor detection, kernel modules, services, and rootkit scans—to help identify potential system compromises.

ForensicsLinuxRootkit

0 likes · 6 min read

Essential Linux Security Audit Checklist: 11 Steps to Detect Compromise

Efficient Ops

Jan 24, 2016 · Information Security

From 1.0 to 3.0: The Evolution and Architecture of Jumpserver Bastion Host

This article chronicles the development milestones, architectural design, and practical lessons learned while building Jumpserver—from its humble 1.0 prototype to the feature‑rich 3.0 release—offering deep insights for developers and security engineers interested in open‑source bastion solutions.

AuthenticationAuthorizationBastion Host

0 likes · 21 min read

From 1.0 to 3.0: The Evolution and Architecture of Jumpserver Bastion Host

dbaplus Community

Dec 7, 2015 · Information Security

How to Build Robust Database Security: Logical and Physical Protection Strategies

This article explains why protecting database‑stored sensitive data is critical, analyzes common attack vectors and breach statistics, and provides detailed logical and physical security measures—including user and permission management, auditing, encryption, disaster‑recovery planning, and Oracle replication technologies—to help organizations achieve comprehensive database protection.

Database SecurityOracleaccess control

0 likes · 20 min read

How to Build Robust Database Security: Logical and Physical Protection Strategies

MaGe Linux Operations

Oct 8, 2015 · Fundamentals

How to Record Every Terminal Session with Linux’s script Command

Learn how the Linux script command can capture all terminal activity, how to start, stop, and customize recordings, and why it’s useful for collaboration, auditing, and automated logging in shared or remote environments.

auditscript commandterminal recording

0 likes · 5 min read

How to Record Every Terminal Session with Linux’s script Command