Security Content on InfoQ
-
The InfoQ Podcast: Shuman Ghosemajumder on Security and Cyber-Crime
In this week's podcast, professor Barry Burd talks to Shuman Ghosemajumder, VP of product management at Shape Security, about security and cyber-crime at QCon New York 2016.
-
A Reference Architecture for the Internet of Things (Part 2)
This is the second article of a two-article series in which we try to work from the abstract level of IoT reference architectures towards the concrete architecture and implementation for selected use cases. This second article will show how to apply this architecture to real-world use cases: one in the field of smart homes, one in the field of insurance.
-
Article Series: Containers in the Real World - Stepping Off the Hype Curve
This article series explains how containers are actually being used within the enterprise. It dives into the core technology behind containers and how this is currently being used by developers, examines core challenges with deploying containers in the enterprise and the future of containerisation, and discusses the role unikernels are currently playing within leading-edge organisations.
-
Test Management Revisited
The concept of test management sits awkwardly in agile, mostly because it’s a construct derived from the time when testing was a post-development phase, performed by independent testing teams. Agile, with its focus on cross-functional teams, has sounded the death knell for many test managers. While test management is largely irrelevant in agile, there is still a desperate need for test leadership.
-
Is HyperContainer the Answer for Cloud Native Applications?
Xu Wang introduces HyperContainer, a runtime for running Docker images on any hypervisor, providing hardware-enforced isolation for multi-tenant environments.
-
Securing the Modern Software Delivery Lifecycle
Information security practice has evolved to be pretty good at granting and managing access to confidential information by people. But automation is taking over, requiring a shift in how we think about securing our infrastructure and applications.
-
Sourcing Security Superheroes: Part II: How Policy Can Enhance, Rather Than Hinder, Breach Detection
In theory, security policies put standards in place to protect organizations, stakeholders, and users. But in practice, security policy often becomes a distraction, forcing organizations to focus on satisfying the demands of a governing body or an auditor, rather than addressing real threats.
-
A Reference Architecture for the Internet of Things
This is the first article of a two-article series in which we try to work from the abstract level of IoT reference architectures towards the concrete architecture and implementation for selected use cases. This first article will cover the definition of a more concrete and comprehensible architecture, whereas the second part will then apply this architecture to actual use cases.
-
Towards an Agile Software Architecture
Boyan Mihaylov covers his experience working with both traditional waterfall software architectures and agile ones. He depicts the similarities and differences between these with a focus on three areas: the specifics of the software architect role, the timespan of the software architecture, and the output of the software architecture.
-
DevOps at Seamless: The Why, How, and What
The key thing about DevOps is understanding under which circumstances it should be introduced to your organization. Organizations that adopt DevOps go through a change that affects both processes and culture. This article focuses on why DevOps is needed, what concepts and values should support it, how we implemented it at Seamless, what results we obtained, and the challenges we faced.
-
The Mathematics of Adaptive Security
Enterprise security teams are charged with maintaining the “perfect” set of security policies. In their pursuit of the perfect security policy, they are often the department of slow (because the pursuit of perfection takes time). At the same time, “to err is human…”
-
Packet Inspection for Unauthorized OS Detection in Enterprises
The authors discuss an approach that uses TCP SYN packets for OS fingerprinting to detect the presence of unauthorized OSs in an enterprise.