InfoQ Homepage Security Content on InfoQ
-
Microsoft Launches Azure Confidential VMs with NVIDIA Tensor Core GPUs for Enhanced Secure Workloads
Microsoft's Azure has launched the NCC H100 v5 virtual machines, now equipped with NVIDIA Tensor Core GPUs, enhancing secure computing for high-performance workloads. These VMs leverage AMD EPYC processors for robust data protection, making them ideal for tasks like AI model training and inferencing, while ensuring a trusted execution environment for sensitive applications.
-
JFrog Integrates Runtime Security for Enhanced DevSecOps Platform
JFrog has introduced JFrog Runtime to its suite of security capabilities, adding real-time vulnerability detection to its software supply chain platform. This update is aimed at developers and DevSecOps teams working with Kubernetes clusters and cloud-native applications.
-
Elastic and Google Cloud Collaborate for Enhanced Security Analytics
Recently, Elastic and Google Cloud discussed their partnership to deliver a comprehensive security solution. This collaboration merges the Elastic Search AI Platform with Google Cloud's scalable and secure infrastructure, establishing a security platform designed to safeguard hybrid workloads.
-
AWS Introduces Logically Air-Gapped Vault for Enhanced Data Security
AWS recently announced the public preview of AWS Backup logically air-gapped vault, a new type of vault that can be shared for recovery with other accounts using AWS Resource Access Manager (RAM).
-
GhostWrite Vulnerability in C910 and C920 RISC-V CPUs
CISPA security researchers have discovered a vulnerability they’ve called ‘GhostWrite’ that’s caused by a hardware bug in T-Head’s XuanTie C910 and C920 RISC-V CPUs. Vector extensions that are supposed to provide translation of virtual memory addresses to physical addresses don’t work, meaning that an attacker can gain access to the contents of memory and any attached devices.
-
AWS Launches Open-Source Agent for AWS Secrets Manager
Amazon Web Services (AWS) has launched a new open-source agent for AWS Secrets Manager. According to the company, this agent simplifies the process of retrieving secrets from AWS Secrets Manager, enabling secure and streamlined application access.
-
Microsoft Entra Suite Now Generally Available: Identity and Security Based Upon Zero-Trust Models
Microsoft has announced the general availability of its Entra Suite. According to the company, the suite provides a solution that integrates identity and security, facilitating a more unified approach to security operations.
-
JEP 472: Prepare to Restrict the Use of JNI in JDK 24
JEP 472, now Proposed to Target, aims to issue warnings for using the Java Native Interface (JNI) and adjust the Foreign Function & Memory (FFM) API for consistent warnings. This prepares developers for future releases that restrict JNI and the FFM API to ensure integrity by default.
-
InfoQ Dev Summit Boston: Optimizing Java Applications on Kubernetes - Beyond the Basics
At the InfoQ Dev Summit in Boston, Bruno Borges, who has been principal PM manager at Microsoft for over six years, shared insights on optimizing Java applications on Kubernetes. His session focused primarily on leveraging JVM ergonomics, understanding the impact of CPU throttling, and effectively managing garbage collection processes.
-
AWS Adds Passkey Support for Enhanced Security, Enforces MFA for Root Users
AWS has recently announced two new security features. First, passkeys can now be used for multi-factor authentication (MFA) for root and IAM users, providing additional security beyond just a username and password. Second, AWS now requires MFA for root users, starting with the root user account in an AWS Organization. This requirement will be expanded to other accounts throughout the year.
-
Elastic Automates SIEM Investigations with Tines
Elastic's information security team recently detailed their workflow automation using Tines, aimed at improving their ability to identify and respond to cybersecurity threats. The system automatically triages alerts from its Security Information and Event Management (SIEM) system, enhancing the ability to identify and prioritize real threats.
-
Introducing New SKUs for Microsoft Azure Bastion: Developer and Premium Options Now Available
Microsoft recently announced new SKUs for its Azure Bastion service: a Developer SKU that is now generally available (GA) after its public preview last year and a premium SKU being rolled out in a public preview.
-
InfoQ Dev Summit Munich: Learn from German Automotive, Banking, and TelCo Software Practitioners
InfoQ Dev Summit Munich is a two-day in-person software development conference for senior software engineers, architects, and team leaders in the Bavarian capital on September 26th and 27th. The sessions will cover critical topics such as generative AI and platform engineering, with use cases from the German automotive, banking, and telecommunication industries.
-
The Guardian's Deep Dive into Qubes OS: a Secure Solution for Whistleblowing and Journalism
The Guardian's engineering team recently shared their experience with Qubes OS, a security-focused desktop operating system. The engineering team configured the Quebes workstations utilizing SaltStack, the default management engine in the Quebes OS.
-
NIST Launches Program to Discriminate How Far from "Human-Quality" are Gen AI Generated Summaries
NIST launched a public Gen AI evaluation program for systems developed by the international research community. The pilot program focuses on systems that can generate human-like summaries from multiple documents, or discriminators to identify whether a summary was AI-generated. For now, information about text-to-text modality is available. The registration closes in May.