BT

Java Champions Receive Free IntelliJ IDEA Licenses

by Matt Raible on  May 13, 2016

Being a Java Champion has its perks, and thanks to the generosity of JetBrains, a free license for IntelliJ IDEA is now one of them. The Champions are the latest in the list of groups earning this special JetBrains premium, which also includes approved open source projects, students, and teachers.

Docker Security Scanning

by Chris Swan on  May 10, 2016

Docker Inc have announced general availability of Docker Security Scanning, which was previously known as Project Nautilus. The release comes alongside an update to the CIS Docker Security Benchmark to bring it in line with Docker 1.11.0, and an updated Docker Bench tool for checking that host and daemon configuration match security benchmark recommendations.

GitLab Discloses Critical Vulnerability, Provides Patch

by Sergio De Simone on  May 04, 2016

GitLab has just announced a fix for a number of important security fixes, including a critical privilege escalation, and strongly recommends that all GitLab installations from version 8.2 onwards be upgraded immediately. InfoQ has spoken with GitLab’s Stan Hu, VP of Engineering.

DevOps Days for the Enterprise

by Manuel Pais on  Apr 30, 2016

Last week saw the first DevOps Days conference catering specifically to the enterprise world, in London. Talks ranged from re-thinking (traditional) management processes in a technology-disrupted world to facts and drivers of DevOps adoption by early adopters. The idea of bi-modal IT was also discussed throughout the conference, as well as need for better security and opinionated platforms.

Vulnerability in Java Reflection Library Fixed after 30 Months

by Abraham Marín Pérez on  Apr 28, 2016 4

In July 2013 Security Explorations discovered a vulnerability in Java by which attackers could elevate their access privileges. Oracle released a patch, but a simple modification was discovered that still makes the attack effective. Once known, Oracle released a patch as part of 8u77. In this article we investigate the little understood class loading process at the heart of the problem.

Lessons Learned at the O’Reilly Software Architecture Conference: Day One

by Daniel Bryant on  Apr 15, 2016

This article presents a review of the first day at the O'Reilly Software Architecture conference, held in New York City 12-13th April. Sessions summarised include, ‘blah, blah... microservices...blah, blah’, ‘the evolution of evolutionary architecture’, ‘Death Star Security’, ‘Twelve Patterns for Hypermedia Architecture’, ‘Architecture Without an End State’ and 'Leading Simplicity'.

Capital One Launches Developer Platform

by Benjamin Young on  Apr 07, 2016

Capital One launched the DevExchange Beta developer site and initial API offering last month.

.NET 4.6.2 Preview Brings Security and WPF Features

by Jonathan Allen on  Apr 05, 2016 2

While most of the attention is on .NET Core, work continues on the original .NET Framework. Recently released as a preview, version 4.6.2 is primarily focused on security and WinForms/WPF related features.

Microsoft Reaches New Milestone in Delivering Trusted Cloud Services

by Kent Weare on  Mar 28, 2016

Microsoft recently announced an expansion of their Azure regions world-wide. The number of regions announced now sits at 30, with 22 being generally available (GA). The most recent wave, of Azure regions, focuses on trusted environments for government customers or regions with specific privacy needs.

NPM Worm Vulnerability Disclosed

by Alex Blewitt on  Mar 26, 2016 2

The NPM project has formally acknowledged a long-standing security vulnerability in which it is possible for malicious packages to run arbitrary code on developer's systems, leading to the first NPM created worm. With the recent problems with NPM, is it safe to use any more? InfoQ investigates.

Apple and FBI Court Appearance Postponed

by Alex Blewitt on  Mar 22, 2016

The court appearance between Apple and the FBI, originally scheduled for later today, has been postponed a week until after Easter, following a request from the FBI to defer.

Bootable Apps for Immutable Infrastructure and Security

by Manuel Pais on  Mar 15, 2016

Axel Fontaine on the "Bootable App" pattern, a bare bones machine image for deploying immutable infrastructure to the cloud. This minimal image covers all layers of the stack, including OS kernel, libraries and runtime environment but still has a small footprint, reducing both image upload time and storage costs while also significantly reducing the attack surface on running instances.

New Security Capabilities Available in Azure Operations Management Suite

by Kent Weare on  Mar 13, 2016

On February 25th, 2016 Microsoft announced updates to their Operations Management Suite (OMS). The updates, in this particular iteration of the service, are focused on the security and audit portions of the suite and target the user experience, additional capabilities and features.

All Things Containers From Solaris Zones to Docker

by Rags Srinivas on  Mar 07, 2016

InfoQ's Rags Srinivas caught up with Bryan Cantrill a day after the Containers Summit at New York City and discussed all things containers from Solaris Zones to Docker.

Apple, FBI Testify before Congress

by Alex Blewitt on  Mar 01, 2016

Apple and the FBI have appeared before the House Committee on the Judiciary Hearings to argue over the legalities of whether Apple should be compelled to create an insecure version of iOS to allow the FBI to break into a suspect's phone. InfoQ has been watching the live video stream and summarises the outcome.

General Feedback
Bugs
Advertising
Editorial
Marketing
InfoQ.com and all content copyright © 2006-2016 C4Media Inc. InfoQ.com hosted at Contegix, the best ISP we've ever worked with.
Privacy policy
BT