Alasdair Allan discusses the security problems when building Internet of Things devices, and the underlying differences between the IoT and the digital Internet that drive those security issues.
Adam Wick talks about his team’s experience developing CyberChaff, a novel network defense solution with unikernels built into its core and why unikernels made sense for them.
Heidi Waterhouse discusses seven issues to tackle during project development: Localization, Security, Extensibility, Documentation, Affordance, Acceptance, Accessibility.
Mark Paluch discusses keeping the security bar high while running services that require secrets, securely sharing and managing secrets (certificates, passwords, keys) using Vault and Spring Boot.
Albert Yu presents a few viable, usable and effective defensive techniques that developers have often overlooked.
Filip Hanik and Sree Tummidi talk about the OpenID Connect and OAuth 2, sharing their experiences building the CF User Authentication and Account management project, and OpenID Connect implementation.
Jason Chan discusses how security teams can use thoughtful tools and automation to improve relationships with development teams while creating a more secure and manageable environment.
Alex Holden talks about hackers and their attacks, their latest techniques and the defenses needed today and tomorrow. He also talks about a number of recent breaches as well as lessons learned.
Jarrod Overson talks about a world where passwords are traded, sold, verified, and used to exploit sites, how to recognize malicious traffic, and how to take a stand against attackers.
Rob Winch and Joe Grandja discuss how to easily secure an application with Spring Security 4.1 and focus on some of the new features found in Spring Security 4.1.
David Ferriera describes how ForgeRock provides a standards-based blueprint that offers a flexible solution to balance security and performance while protecting Cloud Foundry services end-to-end.
Justin Smith discusses credential hygiene in distributed systems, covering topics such as key encrypting keys, hardware security modules, and promising advances in muti-party computation.