Sourcing Security Superheroes: Part II: How Policy Can Enhance, Rather Than Hinder, Breach Detection
In theory, security policies put standards in place to protect organizations, stakeholders, and users. But in practice, security policy often becomes a distraction, forcing organizations to focus on satisfying the demands of a governing body or an auditor, rather than addressing real threats.
This is the first article of a two article series in which we try to work from the abstract level of IoT reference architectures towards the concrete architecture and implementation for selected use cases. This first article will cover the definition of a more concrete and comprehensible architecture whereas the second part will then apply this architecture to actual use cases.
Boyan Mihaylov covers his experience when working with both traditional waterfall software architectures and agile ones.
This article focuses on why DevOps is needed, what concepts and values should support it, as well as how we implemented it at Seamless, what results we obtained and the challenges we faced.
Enterprise security teams are charged with maintaining the “perfect” set of security policies. In their pursuit of the perfect security policy, they are often the department of slow. 1
The authors discuss an approach that uses TCP SYN packets for OS ﬁngerprinting to detect the presence of unauthorized OSs in an enterprise. 3
This article discusses the key questions to be contemplated by your enterprise in determining whether Git is right for you and what you need to consider in moving to Git.
Tathagat Varma, shares his experience of working as an individual contributor at a deeper leadership level. This post explains how to lead without authority. 2
The Design and Implementation of the FreeBSD Operating System is a long awaited update to a successful and authorative guide to the FreeBSD kernel that covers all major new features up to FreeBSD 11.
In this article, authors discuss ad hoc anonymous & secure survey system called Anonize that can be used in applications like university course evaluations, online product reviews, and whistleblowing.
By changing the inner workings from a project perspective to a product perspective Agfa Healthcare established a less complicated process using a single backlog for the entire organisation.
Little’s Law helps teams that use user stories for planning and tracking project execution, with a project buffer to manage inherent uncertainty of a fixed-bid project and protect its delivery date. 4
CONTENT IN THIS BOX
PROVIDED BY OUR SPONSOR
Introducing Intel® SGX - Hardware Assisted Security for the Application Layer.
Numecent, Bromium, and wolfSSL employ Intel® Software Guard Extensions (Intel® SGX) to create more secure, next-generation solutions.
Intel Software Guard Extensions (SGX) for Dummies.
At its root, Intel® SGX is a set of new CPU instructions that can be used by applications to set aside private regions of code and data.
Protect Application Code, Data, & Secrets from Attack.
CPU-enhanced Application Security Product Brief.
Learn more about the Intel SGX SDK, a collection of APIs, libraries, documentation, sample source code, and tools that allows software developers to create and debug Intel SGX enabled applications in C/C++.