BT
DevOps Follow 703 Followers

Kubernetes 1.8 Improves Security, Stability and Workloads

by Unni Sathyarajan Follow 1 Followers on  Nov 28, 2017

The Kubernetes team has released version 1.8, which focuses on improved security and better stability, and has moved the Workloads API to beta. New mature features include role-based access control (RBAC), support for volume mount options, allowing privilege escalation, and support for high-level volume operation metrics.

Architecture & Design Follow 1868 Followers

GitHub Launches Security Alerts

by Andrew Morgan Follow 3 Followers on  Nov 25, 2017

GitHub has launched a new security alerts feature which will scan a project's dependencies for known vulnerabilities. Once found, users will be automatically alerted and presented with more information about the vulnerability, including its severity level and resolution steps.

DevOps Follow 703 Followers

Creating and Enforcing "Policy as Code" with HashiCorp Sentinel

by Daniel Bryant Follow 632 Followers on  Nov 24, 2017

HashiCorp have released Sentinel, an embedded “policy as code” framework that is integrated within the HashiCorp Enterprise products. Sentinel enables “fine-grained, logic-based policy decisions” that can be used to automatically audit and enforce organisational, compliance or security policies when working with Infrastructure as Code and other HashiCorp platform tooling.

DevOps Follow 703 Followers

Secure Microkernel seL4 Reaches Version 7

by Kevin Neaton Follow 2 Followers on  Oct 31, 2017

Version 7.0.0 of the seL4 high-assurance microkernel has been released, bringing with it an alternate CMake-based build system with support for out-of-tree builds and interactive configuration.

Mobile Follow 133 Followers

Apple Details Face ID Security

by Sergio De Simone Follow 13 Followers on  Sep 29, 2017

Apple has described how Face ID works and how it guarantees security in a new white paper.

HTML5 Follow 60 Followers

W3C Publishes DRM as a Recommendation

by David Iffland Follow 4 Followers on  Sep 22, 2017

After a divided vote, the World Wide Web Consortium has adopted Encrypted Media Extensions as a full recommendation, formalizing closed-source Digital Rights Management into the specification. In response, the EFF has resigned from the W3C.

Architecture & Design Follow 1868 Followers

Spotify and Google Release Forseti GCP Security Tools

by Andrew Morgan Follow 3 Followers on  Sep 18, 2017

Google has opened up Forseti Security, a set open source tools for Google Cloud Platform (GCP) security, to all GCP users. The project is the result of a collaborative effort from both Spotify and Google, combining what was originally separate work together into a single toolkit. It aims to automate security processes for developers in order for them to develop more freely.

.NET Follow 324 Followers

String Interpolation in Entity Framework Raises Concerns

by Jonathan Allen Follow 529 Followers on  Sep 18, 2017 1

One of the new features in Entity Framework Core 2 is the ability to automatically convert interpolated strings into parameterized SQL. Though designed to avoid problems with poorly written SQL, it is feared that it may actually lead to more SQL injection attacks.

Java Follow 830 Followers

Java EE Security API (JSR-375) Approved

by Matt Raible Follow 11 Followers on  Sep 07, 2017

The Java EE Security API, JSR 375, was approved in early August. All members of the JCP Executive Committee voted “Yes”, with zero “No” votes. Intel Corp. did not vote on the JSR.

Cloud Follow 251 Followers

Microsoft Announces Coco Framework for Enterprise Blockchain Networks

by Kent Weare Follow 9 Followers on  Aug 20, 2017

In a recent blog post, Microsoft announced a new open framework, called Coco, which targets enterprise consortium networks. The framework sits on top of existing blockchain platforms, such as Ethereum, and focuses on improving network throughput, adding new confidentiality models, network policy management and support for non-deterministic transactions.

Cloud Follow 251 Followers

Amazon CloudWatch Events Gains Cross-Account Event Delivery

by Steffen Opel Follow 3 Followers on  Jul 31, 2017

Amazon Web Services (AWS) recently added cross-account event delivery to Amazon CloudWatch Events to support use cases such as the tracking of events across an entire organization and the handling of events in separate accounts to implement advanced security schemes.

DevOps Follow 703 Followers

Active Management of Open Source Components Delivers Measurable Improvements Claims Sonatype Report

by Helen Beal Follow 4 Followers on  Jul 31, 2017

When organisations actively manage the quality of open source components in software applications they see a 28% improvement in developer productivity (through reduction in manual governance), a 30% reduction in overall development costs, and a 48% increase in application quality (as application vulnerabilities are removed early reducing their incidence in production).

Cloud Follow 251 Followers

AWS Web Application Firewall: Bolt-on Security for Insecure Websites

by Elton Stoneman Follow 2 Followers on  Jul 28, 2017

AWS Web Application Firewall inspects traffic coming into your web application, looking for suspicious activity. It can pass good requests onto your application and block requests that match common attack vectors - like SQL injection. WAF can add a layer of security onto an existing application without changing the app.

.NET Follow 324 Followers

Microsoft Previews Bug and Security Risk Detection on Windows and Linux

by Abel Avram Follow 7 Followers on  Jul 22, 2017

Microsoft has made available Project Springfield as an Azure service preview called Microsoft Security Risk Detection (MSRD) for detecting code bugs and security vulnerabilities in Windows and Linux applications.

Web API Follow 231 Followers

Zenedge Releases API Security Solution with Native SDKs

by Shelby Switzer Follow 0 Followers on  Jul 21, 2017

Zenedge, a cybersecurity provider of AI-driven Web Application Firewall, malicious bot detection, and bot management services, has recently released an API Security solution with native SDKs for web and mobile.

Login to InfoQ to interact with what matters most to you.


Recover your password...

Follow

Follow your favorite topics and editors

Quick overview of most important highlights in the industry and on the site.

Like

More signal, less noise

Build your own feed by choosing topics you want to read about and editors you want to hear from.

Notifications

Stay up-to-date

Set up your notifications and don't miss out on content that matters to you

BT