InfoQ Homepage Security Content on InfoQ
-
Armor CLAD Functions
Guy Podjarny talks about how to properly secure our cloud functions. He uses a model called CLAD to remember what's left to protect, and discusses concrete practices to scale our defences.
-
Let Devs Be Devs: Abstracting away Compliance and Reliability to Accelerate Modern Cloud Deployments
Rahul Arya shares how they built a platform to abstract away compliance, make reliability with Chaos Engineering completely self-serve, and enable developers to ship code faster.
-
Automating Chaos Attacks
Daniel Albuquerque and Nikos Katirtzis show how to run attacks in both manual and automated ways.
-
Reconciling Performance and Security in High Load Environments
Ignat Korchagin explores how to drive security in a high performance environment and make it a welcome and natural part of the product lifecycle.
-
Keep Calm and Secure Your CI/CD Pipeline
Sonya Moisset shows how to create a secure continuous integration/continuous deployment pipeline.
-
Designing Secure Architectures the Modern Way, Regardless of Stack
Eugene Pilyankevich shares his experience of implementing sophisticated defenses in constrained environments and explains why designing it properly is what counts.
-
Security Vulnerabilities Decomposition
Katy Anton flips the security from focusing on vulnerabilities (measured at the end) to focusing on the security controls which can be used by developers from beginning in software development cycle.
-
Predicting Cryptocurrency Exchange Rates with Stream Processing, Social Data and Online Learning
Tim Frey discusses how iunera used social data from Twitter in machine learning to predict crypto currency exchange rates.
-
Running Third-Party JavaScript
Kate Sills discusses how to minimize the risks of running third-party JavaScript. She goes over POLA, and how object capabilities can help grant specific, limited resources to third-party code.
-
Policy Enforcement on Kubernetes with Open Policy Agent
Aleks Saul and Jaime Gonzalez Aguilar introduce Rego, the language used to describe OPA policies, recent updates to OPA, and break down sample policies for common use cases.
-
Reflecting on a Life Watching Movies and a Career in Security
Jason Chan talks about some trends in the movie industry that relate well to similar changes in technology and security.
-
How to Build More Secure Service Brokers
Denise Yu highlights common threat assessment frameworks, drawing attention to potential vulnerabilities in service broker architecture, and offering system design guidelines and resources.