InfoQ Homepage Security Content on InfoQ
-
.NET News Roundup - Week of May 3rd, 2021
This past week was marked by a new Visual Studio Code release and Pure Virtual C++, a virtual event hosted by Microsoft. InfoQ examined this and a number of smaller stories in the .NET ecosystem from the week of May 3rd, 2021.
-
CNCF Publishes Latest Technology Radar Focused on Secrets Management
CNCF published the fourth edition of the end-user Technology Radar. This time the theme was secrets management: the set of tools and technologies to manage digital authentication. The purpose of this edition is to share what tools are used by end-users, the tools they recommend, and any patterns that emerged.
-
Post-Quantum Cryptography: Q&A with Jean-Philippe Aumasson
While quantum computing is still in its infancy, post-quantum cryptography is a field of growing interest for companies and research institutions. InfoQ has spoken with cryptography researcher Jean-Philippe Aumasson to understand where post-quantum crypto is headed.
-
HashiCorp Announces the General Availability of HCP Vault on AWS
Recently, HashiCorp announced the general availability of their fully-managed Vault service for AWS environments on the HashiCorp Cloud Platform (HCP). With Vault, customers can leverage a SaaS service with secret management and encryption capabilities.
-
Rust to Provide New Foundations for Android OS Security
Google will use Rust to prevent memory bugs in the Android OS, one of the most frequent causes of security vulnerabilities. As a first step in this direction, the Android Open Source Project now supports Rust as an OS development language.
-
Cloudflare Announcement Helps Customers Protect against Online Threats, Such as Digital Skimmers
Cloudflare announces a new service called Page Shield. Page Shield is a client-side security offering that helps websites protect their users' information from supply chain and client-side attacks, such as Magecart. It joins tools like CSP and SRI as ways to protect against these types of attacks.
-
Microsoft Releases Azure Attestation into General Availability
Microsoft recently announced the general availability of Azure Attestation, a unified solution for remotely verifying the trustworthiness of a platform and the integrity of the binaries running inside it.
-
The Cloud Trust Paradox According to Google Cloud
In a series of three technical articles, Google Cloud has recently discussed how to trust cloud providers, covering the concepts of customer trust, security key management and scenarios where keeping encryption keys off the cloud may be necessary.
-
Sandboxing and Other Measures to Harden iMessage on iOS and macOS
After being hit by a 0-click exploit in iMessage last year, Apple has been hard at work to improve the security of its platform. One of the major changes in iOS 14 is BlastDoor, a tightly sandboxed service responsible for parsing all untrusted messages, along with randomization of the shared cache region containing system libraries, and exponential throttling to counter brute-force attacks.
-
HashiCorp Announces Public Beta of HCP Vault
In a recent blog post, HashiCorp announced the public beta of HashiCorp Vault on its Cloud Platform (HCP). With Vault, customers can leverage a managed cloud service to provide them with secret management and encryption capabilities.
-
Sysdig: Container Security Shifting Left, Docker Usage Shrinking
Sysdig 2021 container security and usage report highlights a trend for container security to shift left. Yet, many of the analyzed images are still lacking in basic security provisions.
-
AWS Introduces Nitro Enclaves, Isolated EC2 Environments for Confidential Computing
AWS has recently made available Nitro Enclaves, isolated EC2 environments to process confidential data. Based on a lightweight Linux OS, a Nitro Enclave is a hardened, attested and highly constrained virtual machine.
-
Cloudflare Releases a Cloud-Based Network-as-a-Service Solution: Cloudflare One
Cloudflare, an American web-infrastructure and website-security company, recently introduced a cloud-based network-as-a-service solution for the enterprise workforce called Cloudflare One. The solution provides secure, fast, reliable, cost-effective network services, integrated with leading identity management and endpoint security providers.
-
GitHub Code Scanning Is out of Beta
One year ago GitHub announced the acquisition of Semmle, maker of a semantic code analysis engine powered by the Semmle QL query language. After a few months in beta, GitHub is now announcing the availability of its new CodeQL-based code scanning capability for all public and private repos.
-
New COOP and COEP Cross-Origin Policies for Increased Security in Chrome and Firefox
Eiji Kitamura recently addressed in a talk at Google’s web.dev live the new COOP and COEP policies that dictate how browsers handle cross-origin resources. The new opener (COOP) and embedded (COEP) policies set up a cross-origin isolated environment that protects against Spectre attacks while restoring powerful, previously disabled features (SharedArrayMemoryBuffer and more).