InfoQ Homepage Security Content on InfoQ
-
Kick-off Your Transformation by Imagining It Had Failed
Large scale change initiatives have a worryingly high failure rate, the chief reason for which is that serious risks are not identified early. One way to create the safety needed for everyone to speak openly about the risks they see is by running a pre-mortem. In a pre-mortem, we assume that the transformation had already failed and walk backward from there to investigate what led to the failure.
-
Identity Mismanagement: Why the #1 Cloud Security Problem Is about to Get Worse
In this article, we'll look at why IAM is becoming such a huge challenge, explain why identity is the new currency, and then reveal some principles that can help you meet this challenge.
-
Q&A on the Book Cyber Warfare
The book Cyber Warfare by Dr. Chase Cunningham explores how organizations can defend themselves against cyber attacks. It provides examples of actual attacks together with defense techniques, tools, and strategies for cybersecurity.
-
Five Reasons to Start Working in the Cloud
Whether self-hosted or managed, this article is going to cover five reasons why a cloud IDE may be precisely what you or your company needs to boost productivity to the next level.
-
How to Use Encryption for Defense in Depth in Native and Browser Apps
Isaac Potoczny-Jones discusses the pros and cons of application-layer encryption. He covers the attack surface of application-layer encryption in the browser, how it is very different from native clients, and how WebCrypto helps.
-
Deploying Edge Cloud Solutions without Sacrificing Security
Security challenges exist with edge cloud solutions. Some are technical, and some relate to the way in which these services are used. This article looks at the why, what, and how of edge security.
-
Privacy Architecture for Data-Driven Innovation
This article lays out how you build an internal data governance architecture early in the ingestion phase, which enables you to allocate risk to data and identify such data in your systems. You can then protect the data accordingly. The second half of this article lays out various techniques to share data in a privacy-conscious manner.
-
What Is Account Creation Fraud? Complete Guide to Detection and Prevention
In this article, we'll take a look at the re-emergence of account creation fraud, and how this type of attack works. Then we'll turn our attention to the impact that this is already having on the way that companies secure their identity management systems, the effects of security measures like virtual private networks (VPN) and password managers, along with what the future will bring.
-
InfoQ Editors' Recommended Talks from 2019
As part of the 2019 end-of-year-summary content, this article collects together a list of recommended presentation recordings from the InfoQ editorial team.
-
Book Review: A Leader's Guide to Cybersecurity
A Leader's Guide to Cybersecurity educates readers about how to prevent a crisis and/or take leadership when one occurs. With a focus on clear communication, the book provides details, examples, and guidance of mapping security against what a business actually does. The book describes ways to align security with the motivation of others who may be security-agnostic against their own goals.
-
Three Major Cybersecurity Pain Points to Address for Improved Threat Defense
Three pain points every company must address when addressing cybersecurity include threat volume and complexity, a growing cybersecurity skills gap, and the need for threat prioritization. This article describes each of these in some detail, and includes recommendations for corporations to deal with them.
-
Q&A on the Book Real-World Bug Hunting
The book Real-World Bug Hunting by Peter Yaworski is a field guide to finding software vulnerabilities. It explains what ethical hacking is, explores common vulnerability types, explains how to find them, and provides suggestions for reporting bugs while getting paid for doing so.