InfoQ Homepage Security Content on InfoQ
-
Keep Calm and Secure Your CI/CD Pipeline
Sonya Moisset shows how to create a secure continuous integration/continuous deployment pipeline.
-
Designing Secure Architectures the Modern Way, Regardless of Stack
Eugene Pilyankevich shares his experience of implementing sophisticated defenses in constrained environments and explains why designing it properly is what counts.
-
Security Vulnerabilities Decomposition
Katy Anton flips the security from focusing on vulnerabilities (measured at the end) to focusing on the security controls which can be used by developers from beginning in software development cycle.
-
Predicting Cryptocurrency Exchange Rates with Stream Processing, Social Data and Online Learning
Tim Frey discusses how iunera used social data from Twitter in machine learning to predict crypto currency exchange rates.
-
Running Third-Party JavaScript
Kate Sills discusses how to minimize the risks of running third-party JavaScript. She goes over POLA, and how object capabilities can help grant specific, limited resources to third-party code.
-
Policy Enforcement on Kubernetes with Open Policy Agent
Aleks Saul and Jaime Gonzalez Aguilar introduce Rego, the language used to describe OPA policies, recent updates to OPA, and break down sample policies for common use cases.
-
Reflecting on a Life Watching Movies and a Career in Security
Jason Chan talks about some trends in the movie industry that relate well to similar changes in technology and security.
-
How to Build More Secure Service Brokers
Denise Yu highlights common threat assessment frameworks, drawing attention to potential vulnerabilities in service broker architecture, and offering system design guidelines and resources.
-
How to Use Encryption for Defense in Depth in Native and Browser Apps
Isaac Potoczny-Jones discusses the pros and cons of application-level and end-to-end encryption.
-
Building a DevSecOps Pipeline around Your Spring Boot Application
Hayley Denbraver looks into the tools, methodology, culture, and process changes to consider so that an organization is ready for the transformation needed for a DevSecOps pipeline.
-
Day 3: Security Auditing and Compliance
David Zendzian and Steve White discuss how to handle ongoing security requirements running on Cloud Foundry platforms.
-
Making Npm Install Safe
Kate Sills discusses how to minimize the risks of running third-party JavaScript.