InfoQ Homepage Security Content on InfoQ
-
Secure Isolation in Rust: Hypervisors, Containers, and the Future of Composable Infrastructure
Allison Randal discusses how to obtain security through isolation in Rust using hypervisors and containers.
/presentations/rust-security-isolation-containers-hypervisors/en/mediumimage/rust-security-isolation-containers-hypervisors-m-1553719451781.jpg)
-
CredHub and Secure Credential Management
Peter Blum and Scott Frederick discuss how to enhance security within Cloud Foundry and applications through secret management by utilizing CredHub.
/presentations/credhub-security/en/mediumimage/12big-1553136393837.jpg)
-
Capacity Planning for Crypto Mania
Jordan Sitkin and Luke Demi talk about how Coinbase had to deal with the cryptocurrency spikes of 2017.
/presentations/coinbase-cryptocurrency/en/mediumimage/coinbase-cryptocurrency-m-1553717000299.jpg)
-
Security in the Hybrid Cloud at Liberty Mutual
Matt Ruel discusses how Liberty Mutual is delivering customer value quickly via secure pipelines to the cloud.
/presentations/liberty-mutual-hybrid-cloud/en/mediumimage/Matbig-1552611316749.JPG)
-
Developer Secure Containers for the Cyberspace Battlefield
Chris Saunders, Jason Scanga discuss issues with container security in a multi-tenant setting, the need to encrypt communications with containers, avoiding vulnerabilities introduced by developers.
/presentations/container-security-multi-tenant/en/mediumimage/Chrisbig-1552610680085.JPG)
-
OWASP Top 10 Vulnerabilities & ASP.NET
Bill Dinger goes over the 2017 OWASP Top 10 vulnerabilities and how they apply to ASP.NET, including a demo of each vulnerability, the risk it poses, how to detect the attack, and how to mitigate it.
/presentations/owasp-top-10-vulnerabilities-2017/en/mediumimage/Bilbig-1552273978530.JPG)
-
The Most Secure Program Is One That Doesn’t Exist
Diane Hosfelt gives an overview of how Rust’s design gives security guarantees and discusses goals and visions for the future.
/presentations/rust-security-guarantees/en/mediumimage/Diane-Hosfelt-m-1554371419895.jpg)
-
DevSecOps: Security at the Speed of DevOps
Larry Maccherone introduces the DevSecOps manifesto and provides a process model to accomplish the necessary mindset shift and achieve effective DevSecOps culture transformation.
/presentations/devsecops/en/mediumimage/Larbig-1551051566887.JPG)
-
Using CredHub for Kubernetes Deployments
Peter Blum, Eugene Kiselev discuss using CredHub to store sensitive data in Kubernetes clusters on PCF.
/presentations/credhub-kubernetes-pcf/en/mediumimage/Petbig-1550891601589.JPG)
-
Securing OAuth 2.0 Resources in Spring Security 5
Josh Cummings and Joe Grandja take a look at two insecure applications--one a web application and the other a REST API--and integrate them both with an OAuth 2.0 Authorization Server.
/presentations/oauth-2-spring-security-5/en/mediumimage/Jobig-1550020383807.jpg)
-
Securing Pivotal Cloud Foundry by Regularly Rebuilding
Lance Rochelle discusses how rebuilding regularly affects the partnership between the PCF team and other teams within a highly regulated organization, real cost savings, and reducing risk.
/presentations/pcf-rebuilding/en/mediumimage/Lanbig-1549732919804.JPG)
-
Microservices Security Patterns & Protocols with Spring & PCF
Adib Saikali introduces the patterns and protocols used to secure microservices, covering JWT, JWA, JWS, JWE, JWK, OAuth2, OpenId Connect, and demoing an application build using Spring & PCF.
/presentations/microservices-security-spring-pcf/en/mediumimage/Adib-Saikali-M-1549531960618.jpeg)