First of all, what is data anonymization?

According to Wikipedia:

Data anonymization is a type of information sanitization whose intent is privacy protection. It is the process of removing personally identifiable information from data sets, so that the people whom the data describe remain anonymous.

In other words, the data anonymization is a process that retains the data but keeps the source anonymous. Depending on the adopted anonymization technique the data is redacted, masked or substituted.

And that is the purpose of iris-Disguise, to provide a set of anonymization tools.

Have you tried the InterSystems learning platform lab for IRIS IntegratedML? In that lab you can train and test a model on a readmission dataset and be able to predict when a patient will be readmitted or not, or calculate its probability of being readmitted.

You can try it without any installation on your system, all you have to do is start a virtual lab environment (Zeppelin) and play it around!

Want a commercial grade FHIR® Implementation included in your micro service ecosystem and barely have enough time to fill out your Health plan elections?

Here is a quick way to invite the InterSystems® FHIR®Accelerator Service to your Kubernetes Microservice party for immediate use. The solution uses Nginx proxy ninja moves to get the job done. Though rustic and bound to create some technical arguments, I am pretty happy with the results until this community tells me otherwise, so FHIR® away as they say but it would be great if you heard me out first.

Not so while ago GitHub introduced, ability to very quickly run VSCode in the browser for any repository hosted there. Press the . key on any repository or pull request, or swap .com with .dev in the URL, to go directly to a VS Code environment in your browser.

This VSCode is a light version of the Desktop version but works entirely in Browser. And due to this, it has a limitation for extensions which was allowed to work this way. And let me introduce the new version 1.2.1 of VSCode-ObjectScript extension which now supports running in Browser mode.

Finding errors in your code or examining unexpected behavior is the main purpose of Debugging
I will try to refresh the traditional tools away from the helpers you have in Studio, VScode, Serenji, ....
to the basics which have been there before your preferred EDI used it in the background.

Hey community, how are you all doing?

What if you could check if your REST application is susceptible to some vulnerability? What if you could check if any known attacks affect your application?

With these issues in mind, we've brought our sample application using the ZAP testing tool. A way to quickly, conveniently provide tools for developers to validate security issues in an accessible manner practically.

In this article I will demonstrate basics of OAuth2 authentication with GitHub account with the help of online demo 
https://dappsecurity.demo.community.intersystems.com/csp/user/index.csp by using SuperUser | SYS

The InterSystems IRIS IntegratedML feature is used to get predictions and probabilities using the AutoML technique. The AutoML is a Machine Learning technology used to select the better Machine Learning algorithm/model to predict status, numbers and general results based in the past data (data used to train the AutoML model). You don't need a Data Scientist, because the AutoML it will test the most common Machine Learning algorithms and select the better algorithm to you, based in the data features analysed. See more here, in this article.

For those of you who might be new to IRIS, and even those who have used Cache or IRIS for some time but want to explore beyond its usually-assumed boundaries and practices, you might want to dive into this detailed exploration of the database engine that is at its heart, and discover just what you can really do with it, going way beyond what InterSystems have done with it for you. 

You'll discover that it's actually a hugely powerful yet incredibly simple storage engine that allows you to model any kind of database you wish, once you understand and master its simple, basic principles.

I recently published the "appmsw-docbook" module for deploying the solution not by individual programs, but by the entire database. This solution allows you to deploy a project without source codes.

Having received feedback, I decided to improve it significantly. Replaced zip archive with tgz, which will allow not using external system-dependent archivers.

Implemented a method for preparing an archive of a database and its dependent web applications. And the deployment archive itself is assembled as a zpm module into which the utility for deploying the database is replicated.

In this article I will explain how to Authenticate, Authorize and Audit by code by using CSP Web Application along with Enabling /Disabling and Authenticate/Unauthenticate any Web Application.

• Online Demo is available on cloud https://dappsecurity.demo.community.intersystems.com/csp/user/index.csp (SuperUser | SYS)
• I recommend to watch the video before continue https://www.youtube.com/watch?v=qFRa3njqDcA

Application Layout

What about having your IRIS REST APIs scanned every push you did and being reported on possible vulnerabilities? This is what I am going to show you in this article.

Recently, we had the Security Contest with amazing applications and examples showing how to improve security on your IRIS solutions. One of such examples was the zap-api-scan-sample, made by me and my colleague Henrique Dias. Our application shows how to use the OWASP ZAP API scanner to perform security tests on your REST APIs OpenAPI definitions generated by IRIS.

The XData (https://docs.intersystems.com/irislatest/csp/docbook/DocBook.UI.Page.cls?KEY=GOBJ_XDATA) is a powerful feature to set documentation and metadata information for classes and methods. The %CSP.REST class uses XDATA to mapping REST calls (https://docs.intersystems.com/irislatest/csp/docbook/DocBook.UI.Page.cls?KEY=GREST_csprest), so in this article you will see how to use XData into your apps as code, not only as documentation.

When you write XData comments/definitions, the IRIS store it into %Dictionary.ClassDefinition (for classes) %Dictionary.MethodDefinition (for methods).

Developing the project zpm "install isc-apptools-lockdown" implemented the ability to set the security level not only to lockdown, but also to minimum and normal.

Increasing security settings

You can replace the shared password if the password of the predefined system users has been compromised

USER>do ##class(appmsw.security.lockdown).ChangePassword("NewPass231",##class(appmsw.security.lockdown).GetPreparedUsers())

Apply Security settings to "LockDown"

USER>do ##class(appmsw.security.lockdown).SetSecurityLevel("lockdown","NewPassword123")