Security Content on InfoQ
-
Trust No One: Securing the Modern Software Supply Chain with Zero Trust
Emma Yuan Fang discusses how to apply Zero Trust principles to secure the software supply chain and CI/CD pipeline, detailing mitigation for major attacks like SolarWinds and dependency confusion.
-
The Way We Manage Compliance is Wrong… and is Changing! Bringing DevOps Principles to Controls and Audit
Ian Miell shares the open-source Continuous Compliance Framework, discussing how to revolutionize audits. He explains shifting from periodic checks to continuous monitoring with DevOps and OSCAL.
-
Secure by Design: Building Security into Engineering Workflows and Teams
Stefania Chaplin discusses how to build security into engineering workflows and teams. She shares how to achieve a security-first culture by focusing on people, processes, and technology.
-
Designing for Defense: Architecting APIs with Zero Trust Principles
Renato Losio and security experts discuss designing for defense and architecting APIs with Zero Trust principles, covering challenges, common vulnerabilities, and practical advice for developers.
-
One Network: Cloud-Agnostic Service and Policy-Oriented Network Architecture
Anna Berenberg reveals Google's shift to One Network, streamlining diverse infrastructures to enhance developer velocity and policy management.
-
Security or Convenience - Why Not Both?
Dorota Parad discusses the BLISS framework for security, showing senior developers and leaders how to enhance security while boosting engineering productivity and minimizing operational friction.
-
Visibility in Cloud Security: How Exactly Are Our Cloud Environments Configured?
Danielle Sudai discusses Cloud Security Posture Management (CSPM), its lifecycle (inventory, scan, notify), and how it helps developers prevent cloud security incidents.
-
Cloud Attack Emulation: Leveraging the Attacker’s Advantage for Effective Defense
Kennedy Torkura discusses cloud attack emulation, the attacker's perspective, and threat-informed defense for stronger cloud security.
-
LLM and Generative AI for Sensitive Data - Navigating Security, Responsibility, and Pitfalls in Highly Regulated Industries
Stefania Chaplin and Azhir Mahmood discuss responsible, secure, and explainable AI in regulated industries. Learn MLOps, legislation, and future trends.
-
Comprehensive Approaches to Software Supply Chain Security
Mykhailo Brodskyi discusses critical software supply chain security risk categories relevant to FinTech and explains effective mitigation strategies. Real case studies & demo included.
-
Dare Mighty Things: What NASA's Endeavors Teach Us about the Power of Calculated RISCs
Khawaja Shams explores the essence of calculated risks, discussing why these risks are worth taking, how to identify and mitigate potential downsides, and the characteristics of good risks.
-
A Zero Trust Future for Applications: Practical Implementation and Pitfalls
Ashish Rajan shares a practical guide to working on zero trust, exploring where it fails before it starts and where engineers should see quick wins. Surprisingly, the answer is not really DevSecOps.