InfoQ Homepage Security Content on InfoQ
-
/articles/hypercontainer/en/smallimage/logo-Hyper.jpg)
Is HyperContainer the Answer for Cloud Native Applications?
Xu Wang introduces HyperContainer, a runtime for running Docker images on any hypervisor, providing hardware-enforced isolation for multi-tenant environments.
-
/articles/secure-continuous-integration-delivery-lifecycle/en/smallimage/logo.jpg)
Securing the Modern Software Delivery Lifecycle
Information security practice has evolved to be pretty good at granting and managing access to confidential information - by people. But automation is taking over, requiring a shift in how we think about securing our infrastructure and applications.
-
/articles/Security-Staff-2/en/smallimage/logo-devops.jpg)
Sourcing Security Superheroes: Part II: How Policy Can Enhance, Rather Than Hinder, Breach Detection
In theory, security policies put standards in place to protect organizations, stakeholders, and users. But in practice, security policy often becomes a distraction, forcing organizations to focus on satisfying the demands of a governing body or an auditor, rather than addressing real threats.
-
/articles/internet-of-things-reference-architecture/en/smallimage/logo.jpg)
A Reference Architecture for the Internet of Things
This is the first article of a two article series in which we try to work from the abstract level of IoT reference architectures towards the concrete architecture and implementation for selected use cases. This first article will cover the definition of a more concrete and comprehensible architecture whereas the second part will then apply this architecture to actual use cases.
-
/articles/towards-agile-software-architecture/en/smallimage/logo.jpg)
Towards an Agile Software Architecture
Boyan Mihaylov covers his experience when working with both traditional waterfall software architectures and agile ones. He depicts the similarities and differences between these with a focus on three areas: the specifics of the software architect role, the timespan of the software architecture, and the output of the software architecture.
-
/articles/devops-seamless-why-how-what/en/smallimage/2.jpg)
DevOps at Seamless: The Why, How, and What
The key thing about DevOps is understanding under which circumstances it should be introduced to your organization. Organizations that adopt DevOps go through a change that affects both processes and culture. This article focuses on why DevOps is needed, what concepts and values should support it, as well as how we implemented it at Seamless, what results we obtained and the challenges we faced.
-
/articles/adaptive-security-maths/en/smallimage/logo-mathematics.jpg)
The Mathematics of Adaptive Security
Enterprise security teams are charged with maintaining the “perfect” set of security policies. In their pursuit of the perfect security policy, they are often the department of slow (because the pursuit of perfection takes time). At the same time, “to err is human…”
-
/articles/tcp-syn-security-unauthorized-os/en/smallimage/logo2.jpg)
Packet Inspection for Unauthorized OS Detection in Enterprises
The authors discuss an approach that uses TCP SYN packets for OS fingerprinting to detect the presence of unauthorized OSs in an enterprise.
-
/articles/git-enterprise/en/smallimage/logo.jpg)
Version Control, Git, and your Enterprise
This article is about understanding Git – both its benefits and limits – and deciding if it’s right for your enterprise. It is intended to highlight some of the key advantages and disadvantages typically experienced by enterprises and presents the key questions to be contemplated by your enterprise in determining whether Git is right for you and what you need to consider in moving to Git.
-
/articles/leadership/en/smallimage/logo-2.jpg)
Author Q&A on Leading without Authority
Tathagat Varma, shares his experience of working as an individual contributor at a deeper leadership level. He refers to this as an "Individual Leader". This post explains how to lead without authority.
-
/articles/freebsd-design-implementation-review/en/smallimage/ShowCover.jpg)
The Design and Implementation of the FreeBSD Operating System, Review and Q&A with Authors
The Design and Implementation of the FreeBSD Operating System is a long awaited update to a successful and authorative guide to the FreeBSD kernel. The second edition covers all major improvements between FreeBSD version 5 and 11 and, according to the publisher, it has been extensively rewritten for one-third of its content, while another one-third is completely new.
-
/articles/anonize-large-scale-anonymous-survey-system/en/smallimage/logo-ieee.jpg)
An Overview of ANONIZE: A Large-Scale Anonymous Survey System
In this article, authors discuss an ad hoc anonymous and secure survey system called Anonize that can be used in applications like university course evaluations, online product reviews, and whistleblowing.