Advantages of DNS RPZ | How It Works

Advantages of RPZ: Basics & Common Configurations

Since the release of BIND 9 in 2010, RPZ has proven a powerful technology for security and network management—allowing organizations to implement an additional DNS configuration layer. In fact, BIND is the most widely used Domain Name System software on the internet—making RPZ configuration options like integrating commercial feeds, blocklists, and URL databases like zveloDB™ all the more attractive. So let’s take a moment to revisit the advantages of RPZ.

Securely Logging & Tracing HTTP Requests in Go | zvelo

Securely Logging & Tracing HTTP Requests in Go

I was recently debugging a nasty issue in one of our backend services and needed to view the exact HTTP request & response being sent to an authentication server. Fortunately, Go’s standard library provides http.RoundTripper, httputil.DumpRequestOut & httputil.DumpResponse, which are great for dumping the exact out-bound request & the response. But since an authentication request contains credentials and a response contains a security token, it would have been insecure to record credentials & tokens in our logging systems. How could I securely exfiltrate the information I needed, while maintaining security and not requiring a whole lot of changes to my codebase or deployment environment?

devil's ivy

Devil’s Ivy Targets IoT Open Source Code Library

By Eric Watkins, Senior Malicious Detection Researcher at zvelo This week, a new security vulnerability subject to remote attack, known as Devil’s Ivy, is targeting the C++ library used by thousands of different IoT device vendors. The most popular devices being compromised are IoT video cameras; however, the associated risk is not limited to video…