SOC 2 is an auditing standard, defined by the AICPA, that evaluates whether an organization's actual controls meet defined criteria across security and related trust categories; a Type I report checks controls at a single point in time, while a Type II report checks whether those controls actually operated effectively over a period of months — a materially stronger form of assurance that vendors and customers should not treat as interchangeable.
compliancesecurity
A distributed denial-of-service attack floods a target with traffic from many sources at once to overwhelm it; the three main categories — volumetric, protocol, and application-layer — require different mitigation approaches, and effective defense generally relies on distributed infrastructure with far more absorption capacity than any single origin server could have on its own.
securitynetworking
Cloud providers secure the underlying infrastructure — physical data centers, host hardware, the virtualization layer — while customers remain responsible for securing what they configure on top of it: identity and access, network configuration, data, and application code; most well-known cloud security incidents trace back to the customer side of that line, not a provider failure.
securityfundamentals
A web application firewall inspects HTTP requests at the application layer, filtering out patterns associated with common attacks like SQL injection and cross-site scripting before they reach the application — a different job from a traditional network firewall, which filters based on IP addresses and ports without looking at request content.
securitynetworking
TLS (the modern successor to SSL) encrypts data in transit between a client and server; the handshake that precedes this exchange verifies the server's identity via a certificate and negotiates a shared encryption key, all before any application data is actually sent.
securitynetworking
Zero trust architecture replaces the older model of trusting anything already inside the network perimeter with continuous, per-request verification of every user and device, regardless of location; it emerged specifically because cloud services and remote work made the old idea of a defensible network perimeter increasingly meaningless.
securityarchitecture