InfoQ Homepage Security Content on InfoQ
-
Securing Microservices: Preventing Vulnerability Traversal
Stefania Chaplin is looking at OWASP recommendations and Kubernetes best practices to find out more about how to secure microservices and reduce vulnerability traversal.
-
Best Practices for API Quality and Security
The panelists discuss how to improve quality and security in API design and management, what the biggest challenges are and how to address them.
-
Vulnerability Inbox Zero
Alex Smolen discusses dealing with security vulnerabilities both in the main product and the security scanner used to analyze it.
-
Slack’s DNSSEC Rollout: Third Time’s the Outage
Rafael de Elvira Tellez discusses a case study of what happened when a large SaaS company enabled DNSSEC.
-
Securing APIs and Microservices in the Cloud
Stefania Chaplin discusses how to secure APIs and microservices in the cloud based on OWASP recommendations.
-
Implementing Passwordless Logins with WebAuthn Protocol
Adib Saikali overviews the Web Authentication protocol which enables secure user-friendly authentication processes. He is using a sample Spring Security-based application.
-
Perspectives on Trust in Security & Privacy
The panelists discuss balancing the adjustment of the security posture and the user experience.
-
Securing Java Applications in the Age of Log4Shell
Simon Maple looks at how one can be more proactive and defensive in decisions for future Log4Shell like scenarios, considering, identifying and reducing the risk introduced into applications.
-
"Trust Me, I'm an Insider" - Diving into Zero Trust Security
Sindhuja Rao and Deepank Dixit discuss how Zero Trust does a better security job, how scalable it is and why trust the “Zero Trust”.
-
Building Trust & Confidence with Security Chaos Engineering
Aaron Rinehart shares his experience on Security focused Chaos Engineering used to build trust and confidence, proactively identifying and navigating security unknowns.
-
Protecting User Data via Extensions on Metadata Management Tooling
Alyssa Ransbury overviews the current state of metadata management tooling, and details how Square implemented security on its data.
-
DevSecOps Best Practices for Identity & Access Management
The panelists discuss how to integrate security into DevOps, where their concerns are and how each is addressed.