Just as DevOps emerged to meet new business needs, new approaches in security are now needed to address the challenges of a DevOps-driven world. These new security approaches themselves must incorporate DevOps practices that rely on modularity, automation, standardization, auditability, and mirrored systems.
Performing Code Reviews helps to increase code quality, share knowledge and responsibility, and build better software and a better team. However, the big question remains – what is it we should be looking for? There are a lot of different things to consider. This article will list a wide range of items to check, and drill a little deeper into two specific areas: performance and security.
"Site Reliability Engineering - How Google Runs Production Systems" is an open window into Google's experience and expertise on running some of the largest IT systems in the world.
Our efforts to improve software development face the question what to focus on. We can’t be predictable if we are not adaptable. What we really need is to be predictably adaptable.
Learn two novel practices for continuous delivery to increase speed and reliability of software development and reduce risks: Latent-to-live code pattern and Forward compatible interim versions.
There is a lot of information about DevOp out there but little on tackling DevOps in financial organisations. This article presents lessons learnt rolling out DevOps in a large insurance organization.
In this week's podcast, professor Barry Burd talks to Shuman Ghosemajumder VP of product management at Shape Security on Security and Cyber-Crime at QCon New York 2016.
This is the second article of a two article series in which we try to work from an abstract level of IoT reference architectures towards a concrete architecture for actual use cases. 1
This article series explains how containers are actually being used within the enterprise.
Agile, with cross functional teams, has sounded the death knell for many test managers. While test management is largely irrelevant in agile, there is still a desperate need for test leadership.
InfoQ recently sat down with Adrian Mouat, author of “Using Docker”, and explored how containers can be best utilised within a typical software development lifecycle.
Xu Wang introduces HyperContainer, a runtime for running Docker images on any hypervisor, providing hardware-enforced isolation for multi-tenant environments.
CONTENT IN THIS BOX
PROVIDED BY OUR SPONSOR
Increase security on compromised platforms with Intel® SGX.
An Intel technology for application developers who are seeking to protect select code and data from disclosure or modification.
A Developer’s Perspective.
Developers have long been constrained by the security capabilities that major platform providers have exposed for application development. How Bromium and wolfSSL employ Intel® SGX to create more secure, next-generation solutions.
Learn more about the Intel SGX SDK, a collection of APIs, libraries, documentation, sample source code, and tools that allows software developers to create and debug Intel SGX enabled applications in C/C++.
Protect Application Code, Data, & Secrets from Attack.
Developers can partition their application into CPU hardened “enclaves” or protected areas of execution that increase security even on compromised platforms.
Intel Software Guard Extensions (SGX) for Dummies.
At its root, Intel® SGX is a set of new CPU instructions that can be used by applications to set aside private regions of code and data.