InfoQ Homepage Security Content on InfoQ
-
Getting the Most out of Sandboxing
Chris Palmer discusses the nature and particulars of the OS limitations we face, what security gap they leave us with, and what we are doing to make Chromium's large codebase less memory-unsafe.
-
DevSecOps and Application Security
Rajiv Kapoor, Clint Gibler, André Tehrani, Anastasiia Voitova, and Erik Costlow discuss how to integrate security into DevOps, where their concerns are and how each is addressed.
-
DevSecOps: Not the Tools, the Other Bits
Mario Platt presents how to improve and integrate governance, team practices and maturity development in how the output of tools are integrated.
-
Security and the Language of Intent
Tracy Holmes and Petros Kolyvas discuss why the language of security for infrastructure is often lost in translation and how policy as code can help.
-
User Adaptive Security
Christina Camilleri and Jesse Kriss discuss how Netflix has readjusted their investments around user-focused security, and explore strategies towards a tiered access approach within endpoint security.
-
Live Interview: Phishing Techniques and Mitigations
Joe Gray talks about OSINT and phishing tactics.
-
Failing Fast: the Impact of Bias When Speeding up Application Security
Laura Bell explores how bias impacts the security of a development lifecycle and examines 3 common biases that lead to big issues in this space.
-
Being Secure by Default
Dan Abel discusses how they have changed their culture and built confidence in security practices with a culture of collaboration across their organization.
-
Armor CLAD Functions
Guy Podjarny talks about how to properly secure our cloud functions. He uses a model called CLAD to remember what's left to protect, and discusses concrete practices to scale our defences.
-
Let Devs Be Devs: Abstracting away Compliance and Reliability to Accelerate Modern Cloud Deployments
Rahul Arya shares how they built a platform to abstract away compliance, make reliability with Chaos Engineering completely self-serve, and enable developers to ship code faster.
-
Automating Chaos Attacks
Daniel Albuquerque and Nikos Katirtzis show how to run attacks in both manual and automated ways.
-
Reconciling Performance and Security in High Load Environments
Ignat Korchagin explores how to drive security in a high performance environment and make it a welcome and natural part of the product lifecycle.