InfoQ Homepage Security Content on InfoQ
-
A Continuation of Devops: Policy as Code
Gareth Rushgrove looks at examples of tools that move security controls into code and explores how policy as code can work at the team level.
/presentations/policy-as-code/en/mediumimage/Garbig-1563151806713.JPG)
-
Securing Services Using SSO
Shraya Ramani talks about BuzzFeed’s transition to microservices and their open-source, homegrown, centralized solution - SSO.
/presentations/security-services-sso/en/mediumimage/Shraya-Ramani-m-1559210996745.jpg)
-
Speed the Right Way: Design and Security in Agile
Kevin Gilpin discusses the renewed focus of the software design process and code complexity in software security, describing how design review can be modernized to help improve application security.
/presentations/security-design-review/en/mediumimage/Kevin-Gilpin-m-1559148384335.jpeg)
-
What Lies between: the Challenges of Operationalizing Microservices
Colin Breck presents practical approaches to take microservices into production or increase the value provided by existing systems and also explores how to integrate microservices at scale.
/presentations/challenges-operationalizing-microservices/en/mediumimage/Colbig-1560702713861.JPG)
-
A Journey into Intel’s SGX
Jessie Frazelle discusses Intel's SGX technology. Frazelle also covers an overview of computer architecture, detailing one hardware version, its flaws and changes to come in a future version.
/presentations/intel-sgx/en/mediumimage/Jessie-Frazelle-m-1558595441584.jpeg)
-
Panel: Secure Isolation of Applications
Applications have been isolated by lots of different means and new methods are appearing. What is secure? Have Spectre and Meltdown changed the landscape? What should be used?
/presentations/secure-isolation-applications/en/mediumimage/secure-isolation-applications-m-1558601541901.jpeg)
-
The Evolving Practice of Security
Michael Brunton-Spall talks about practices that are evolving in the security space, and how developers and security can collaborate more with new and modern practices.
/presentations/security-best-practices/en/mediumimage/security-best-practices-m-1558010163053.jpeg)
-
Many DevSecOps Tools are Just DevOps Lipstick on an Old Pig
Larry Maccherone discusses the security tool categories that have traditionally been used by development teams, and shows how to evaluate DevSecOps tools.
/presentations/evaluate-devsecops-tools/en/mediumimage/Larbig-1556751490411.JPG)
-
The Anatomy of Building a Compliant PCF Service in a Limited Connectivity Environment #BoomSauce
Joshua Kirchmeier and Garrett Klok discuss the techniques used to achieve DFARS compliance within AWS GovCloud, and troubleshooting challenges faced with using PCF in a limited connectivity IaaS.
/presentations/boomsauce-pcf/en/mediumimage/Jobig-1556750378623.JPG)
-
Reducing Risk of Credential Compromise @Netflix
Will Bengtson and Travis McPeak talk about Netflix Infrastructure Security.
/presentations/netflix-infrastructure-security/en/mediumimage/Reducing-Risk-1556180437783.jpg)
-
QCon SF 2018: Security Panel
The panelists discuss current security issues and ways to mitigate them.
/presentations/security-panel/en/mediumimage/security-panel-1556194284861.jpg)
-
Security & Psychology: Demotivating Persistent Threats
Jarrod Overson breaks down the workflow for effective threat mitigation of sophisticated attackers.
/presentations/security-threat-mitigation/en/mediumimage/Jarbig-1554685591634.JPG)