We mostly ship software by date, squeezing all development and testing efforts toward that deadline. We prioritize what we think is important, and once our application passes a certain quality level, we’re ready to go live. But even when we do ship, can we tell the readiness status of our application?
What’s the best way to protect servers in the cloud? How can you account for the transient nature of cloud servers and provide the same protection in the cloud as on on-premises? To find out, InfoQ spoke with Mark Nunnikhoven, a Principal Engineer in the Cloud & Emerging Technologies division at Trend Micro. You can find Mark on Twitter as @marknca.
Dennis Sosnoski explains how supposedly-secure connections can be downgraded to the point where they are easily broken and how to make it more difficult for anyone to see or alter your data exchanges. 2
To protect against hacks that lead to theft of business data, best practices are set forth in the Payment Card Industry Data Security Standard. Follow these 12 steps for a secure payment environment. 1
As Hadoop becomes more popular a platform for data processing, there are more concerns about its security concerns and the insider threats of malicious users in a Hadoop cluster. 1
Web services offer distinct opportunities for real-time innovation, but requires new standards in the way APIs are secured and managed at the B2B enterprise gateway level.
The battle over security and performance is fought by security professionals and network administrators. These factions have to barter an uneasy truce for the organization to survive.
Commitment is a graphical business novel about managing project risks with “Real Options”, a way to improve decision making. InfoQ spoke with the authors about decisions, risks and technical debt. 1
In this article, Rohit Sethi discusses the opaque nature of security verification tools and processes and the potential for false negatives not covered by techniques like automated dynamic testing. 1
This article defines a Data Encryption Infrastructure (DEI) which encompasses technology components and an application architecture that governs the protection of sensitive data within an enterprise.
While a majority of security specialists are managing identity through SSO nobody has answered the question if identity propagation in SOA and Clouds is feasible from a business perspective. 4