Fahmida Y. Rashid

Senior Writer

Fahmida Y. Rashid is a senior writer at CSO, focused on the information security beat. Before joining CSO, she wrote about networking and security for various technology publications, including InfoWorld, eWeek, PC Magazine, Dark Reading, and CRN. She also spent years as an IT administrator, software developer, and data analyst. "I, for one, welcome our new computer overlords."

Don't get bit by zombie cloud data

Trust issues: Know the limits of SSL certificates

Trust issues: Know the limits of SSL certificates

All SSL certs are not created equal, and web browsers make matters worse by not clearly showing what security you’re actually getting

Jenkins users can shore up software security with plugins

Jenkins users can shore up software security with plugins

Safeguard the software you develop from the start with these Jenkins plug-ins and integrations, which automate security testing

Critical flaw alert! Stop using JSON encryption

Critical flaw alert! Stop using JSON encryption

Developers shouldn't use JSON Web Tokens or JSON Web Encryption in their applications at all, lest their private keys get stolen

Google tries to beat AWS at cloud security

Google tries to beat AWS at cloud security

New tools that protect enterprise applications running on Google Cloud Platform may help take the spotlight away from AWS and Microsoft Azure

5 open source security tools too good to ignore

5 open source security tools too good to ignore

Look to these clever open source tools to keep secrets out of source code, identify malicious files, block malicious processes, and keep endpoints safe

Oracle to Java devs: Stop signing JAR files with MD5

Oracle to Java devs: Stop signing JAR files with MD5

Starting in April, if a JAR file is signed with MD5, Oracle will treat it as unsigned

Git Hound, Truffle Hog root out GitHub leaks

Git Hound, Truffle Hog root out GitHub leaks

The two open source tools check for cyptographic keys and other sensitive information in code saved on GitHub and offers warnings if secrets are at risk

5 signs we're finally getting our act together on security

5 signs we're finally getting our act together on security

Despite all the bad news in 2016, trends suggest the year ahead could be a tipping point for information security

Google open-sources test suite to find crypto bugs

Google open-sources test suite to find crypto bugs

Developers can use Project Wycheproof to test cryptographic algorithms against a library of known attacks to uncover potential weaknesses

10 AWS security blunders and how to avoid them

10 AWS security blunders and how to avoid them

Amazon Web Services is easy to work with -- but can easily compromise your environment with a single mistake

Buggy components still dog Java apps

Buggy components still dog Java apps

Your Java coding chops don't matter much if your go-to third-party libraries and open source frameworks are outdated and have known vulnerabilities

Load More