BT

Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ
Register Sign in

Unlock the full InfoQ experience

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources.

Log In
or

Don't have an InfoQ account?

Register
News Articles Presentations Podcasts Guides

Topics

Choose your language

QCon AI New York - image
QCon AI New York 2025

Go from AI demos to real engineering impact. Learn to embed LLMs, govern & scale securely.

SOLD OUT!

 InfoQ Architect Certification - image
InfoQ Architect Certification

Join Luca Mezzalira for this 5-week online cohort. Master socio-technical architecture leadership.

Save your spot.

 QCon London - image
QCon London 2026

Learn what works in AI, architecture, data, security & FinTech.

Early Bird ends Jan 13.

 QCon AI Boston - image
QCon AI Boston

Learn how leading engineering teams run AI in production—reliably, securely, and at scale.

Early Bird ends Jan 13.

InfoQ Homepage Security Content on InfoQ

News

RSS Feed
Newer Older

  • SOA: Beyond the Hype and SDL

    InfoQ sits down with Mohammad Akif, a Microsoft Architect Evangelist, to discuss the myths of SOA, common pitfalls in designing for SOA, J2EE and .NET interoperability and injecting the Security Development Lifecycle into enterprise development lifecycles.

    James Vastbinder
    on Dec 21, 2006

  • Presentation: Security Assertion Markup Language

    SAML has emerged as the gold standard for building Cross-Domain SSO solutions and is a key technology in the domain of federated identity management. This presentation from Javapolis presents the basic concepts of SAML including assertions, attributes, artifacts, bindings and profiles, the problems SAML solves, how it works in real life.

    Floyd Marinescu
    on Dec 15, 2006

  • RubySSPI is Big News for Ruby Developers on Windows

    Are you behind an ISA proxy that authenticates all traffic? This library enables your ruby scripts to authenticate with the proxy as the current user seamlessly. After a few simple steps, you should be able to successfully install things like Ruby on Rails by simply typying gem install rails, exactly how non-Windows users get to do.

    Obie Fernandez
    on Nov 14, 2006

  • Using Native Platform Security in Java 6

    Java 6 will enhance the ability to leverage the native security features of the underlying deployment platform. Included in Java 6 is the ability to access the Microsoft CryptoAPI, PKCS#11 services, use the native GSS-API implementation, and import and export PKCS#12 Keystores.

    Rob Thornton
    on Oct 18, 2006

  • Study Shows That 11% of Sites Are Vulnerable to SQL Injection Attacks

    In an informal study, Michael Sutton of SPI Dynamics was able to demonstrate that 80 out of 708 tested web sites were susceptible to SQL injection attacks.

    Jonathan Allen
    on Sep 30, 2006

  • IBM Buys Internet Security Systems

    Continuing the acquisition rampage, IBM acquires Internet Security Systems for 1.3 Billion in cash. In the past weeks, IBM has acquired Webify, Filenet and MRO systems. What does this acquisiton rampage suggest?

    Miko Matsumura
    on Aug 23, 2006

  • Collaboration Tools Free - But Vulnerable

    For the classic XP team, developers and their customer all work daily in the same room. But other methodologies are less stringent, and even XP teams sometimes need to find compromises. Enter collaborative technologies - where they are allowed. But take note: Bit9, Inc. has compiled a list of the top applications with known security vulnerabilities, including Skype and 4 messenger programs.

    Deborah Hartmann Preuss
    on Jul 04, 2006

  • Security and Reliability Techniques Revealed for Agile Teams

    Agile methods such as Extreme Programming (XP) and Agile Unified Process (AUP) do not explicitly address security and reliability, yet these are issues which are often critical to your success. It is possible to address these issues, and more, on software development teams while still remaining agile.

    Scott Ambler
    on Jun 14, 2006

  • Are XML Gateways Really the Answer?

    Andrew S. Townley explains the concepts behind XML gateways and takes a look at how they might be applied to address security issues in a large-scale SOA environment.

    Stefan Tilkov
    on Jun 01, 2006

  • Acegi Security System for Spring 1.0 is out

    Acegi Security 1.0 has just been released, after more than two and a half years of use in large production software projects, 70,000+ downloads and hundreds of community contributions. The Acegi framework is particularly useful with Spring, it offers authentication, authorization, instance-based access control, channel security and human user detection capabilities.

    Floyd Marinescu
    on May 30, 2006
Newer News
Older News
BT