BT

Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ
Register Sign in

Unlock the full InfoQ experience

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources.

Log In
or

Don't have an InfoQ account?

Register
News Articles Presentations Podcasts Guides

Topics

Choose your language

QCon AI New York - image
QCon AI New York 2025

Go from AI demos to real engineering impact. Learn to embed LLMs, govern & scale securely.

SOLD OUT!

 InfoQ Architect Certification - image
InfoQ Architect Certification

Join Luca Mezzalira for this 5-week online cohort. Master socio-technical architecture leadership.

Save your spot.

 QCon London - image
QCon London 2026

Learn what works in AI, architecture, data, security & FinTech.

Early Bird ends Dec 20.

 QCon AI Boston - image
QCon AI Boston

Learn how leading engineering teams run AI in production—reliably, securely, and at scale.

Early Bird ends Jan 13.

InfoQ Homepage Security Content on InfoQ

News

RSS Feed
Newer Older

  • SQL Server 2016: Row-Level Security

    A common criticism for SQL Server’s security model is that it only understands tables and columns. If you want to apply security rules on a row-by-row basis, you have to simulate it using stored procedures or table value functions, and then find a way to make sure there is no way to bypass them. With SQL Server 2016, that is no longer a problem.

    Jonathan Allen
    on Jun 17, 2015

  • SQL Server 2016: Always Encrypted

    SQL Server 2016 seeks to make encryption easier via its new Always Encrypted feature. This feature offers a way to ensure that the database never sees unencrypted values without the need to rewrite the application.

    Jonathan Allen
    on Jun 16, 2015

  • Google Introduces Smart Lock for Passwords

    Google has announced at I/O 2015 the Google Identity Platform, a collection of tools and APIs for managing identities and dealing with authentication and authorization across Android, iOS and web applications.

    Abel Avram
    on Jun 02, 2015

  • Security Vulnerabilities in Docker Hub Images

    BanyanOps have published a report stating that ‘Over 30% of Official Images in Docker Hub Contain High Priority Security Vulnerabilities’, which include some of the sensational 2014 issues such as ShellShock and Heartbleed. The analysis also looks at user generated ‘general’ repositories and finds an even greater level of vulnerability.

    Chris Swan
    on May 29, 2015

  • Netflix's FIDO Guards Against Security Incidents

    The Netflix team has released FIDO -- an open source system for automatically analysing security events. Not to be confused with FIDO Alliance, Netflix's platform stands for Fully Integrated Defense Operation, the platform's Github describes FIDO as "an orchestration layer used to automate the incident response process by evaluating, assessing and responding to malware."

    James Chesters
    on May 19, 2015

  • Serious Red Hat Linux Bug Affects Haswell-based Servers

    Users and administrators of Red Hat-based Linux distributions version 6.6 should plan to update their systems as soon as possible due to the presence a significant bug that cause their system to deadlock.

    Jeff Martin
    on May 19, 2015

  • VENOM Vulnerability Threatens Several Major VM Hosts

    Users of the popular virtual machine tools Xen, KVM, VirtualBox, and QEMU are urged to patch their systems as soon as possible due to a newly found bug that exposes flaws in the code providing virtual floppy disk support. The VENOM vulnerability affects all operating systems that are hosting these environments.

    Jeff Martin
    on May 19, 2015

  • Docker Security Benchmark

    Docker Inc have worked with the Center for Internet Security (CIS) to produce a benchmark document containing numerous recommendations for the security of Docker deployments. The benchmark was announced in a blog post ‘Understanding Docker Security and Best Practices’ by Diogo Mónica who was recently hired along with Nathan McCauley to lead the Docker Security team.

    Chris Swan
    on May 08, 2015

  • Spring Security 4.0: WebSocket, Spring Data and Test Support

    The Spring Security team released Spring Security 4.0.0, adding several new features as well as more default security. Major themes include WebSocket Security, Spring Data integration, better testing support and the introduction of Spring Session as a new (Apache licensed) open source project.

    Matt Raible
    on Apr 21, 2015
  • Cloud

    Atlassian's Stash Data Center Offers High Availability and Scalability for Git

    Atlassian recently released Stash Data Center, a highly available and horizontally scalable deployment option for its on-premises source code and Git repository management solution Stash. New nodes can be added without downtime to provide active-active clustering and instant scalability.

    Steffen Opel
    on Apr 15, 2015

  • Chrome 42 Disables NPAPI and Related Plug-ins: Java, Unity, Silverlight

    As outlined in the NPAPI Deprecation Guide, Chrome 42, which was due this month and was recently released to the stable channel, has disabled support for the Netscape Plug-in API. The reason is that NPAPI “has become a leading cause of hangs, crashes, security incidents, and code complexity” and the intent was first announced in 2013.

    Abel Avram
    on Apr 15, 2015

  • Firefox 37 Brings Native Playback of HTML5 Video

    Mozilla has released Firefox 37, bringing native playback of HTML5 video for Windows, and many security changes.

    James Chesters
    on Apr 13, 2015

  • Lenovo Responds to Superfish Vulnerability

    Lenovo has responded to the criticism of the Superfish software pre-loaded onto its computers with advice on how to remove the offending tool. But what was the issue, and why was it pre-loaded in the first place? InfoQ investigates. Meanwhile, Microsoft has pushed out a definition of Microsoft Defender to remove Superfish and its root certificate.

    Alex Blewitt
    on Feb 20, 2015

  • Atlassian Launches HipChat Server for Team Collaboration Behind the Firewall

    Development and collaboration software vendor Atlassian recently launched HipChat Server, an on-premise version of its text, audio and video chat, file and screen sharing, as well as third party integration offering for team collaboration.

    Steffen Opel
    on Feb 17, 2015

  • Android Developers Now Can Test WebView before It Is Released

    Google has made Android WebView available as a standalone application for developers willing to test it.

    Abel Avram
    on Feb 17, 2015
Newer News
Older News
BT