InfoQ Homepage Security Content on InfoQ
-
Securing Java Applications in the Age of Log4Shell
Simon Maple looks at how one can be more proactive and defensive in decisions for future Log4Shell like scenarios, considering, identifying and reducing the risk introduced into applications.
/presentations/log4shell-security/en/mediumimage/Simon-maple-m-1665986617483.jpg)
-
"Trust Me, I'm an Insider" - Diving into Zero Trust Security
Sindhuja Rao and Deepank Dixit discuss how Zero Trust does a better security job, how scalable it is and why trust the “Zero Trust”.
/presentations/zero-trust-security/en/mediumimage/qcon-plus-m-1664526022932.jpeg)
-
Building Trust & Confidence with Security Chaos Engineering
Aaron Rinehart shares his experience on Security focused Chaos Engineering used to build trust and confidence, proactively identifying and navigating security unknowns.
/presentations/security-chaos-engineering-trust/en/mediumimage/Aaron Rinehart-m-1661501944686.jpg)
-
Protecting User Data via Extensions on Metadata Management Tooling
Alyssa Ransbury overviews the current state of metadata management tooling, and details how Square implemented security on its data.
/presentations/square-data-security/en/mediumimage/alyssa-ransbury-m-1661160125482.jpg)
-
DevSecOps Best Practices for Identity & Access Management
The panelists discuss how to integrate security into DevOps, where their concerns are and how each is addressed.
/presentations/devsecops-security/en/mediumimage/infoq-live-m-1657276640959.jpg)
-
Authorization at Netflix Scale
Travis Nelson discusses Netflix’s approach to scaling and shares techniques for distributed caching and isolating failure domains.
/presentations/authorization-scalability/en/mediumimage/travis_nelson-m-1657274616928.jpg)
-
Making Sense of Application Security
Adib Saikali provides a roadmap for application developers and architects to master application security, identifying the security skills needed as an application developer.
/presentations/app-security-skills/en/mediumimage/Adib Saikali-m-1656926310904.jpg)
-
Cloud-Native Application Security: Your Attack Surface Just Got Bigger
Brian Vermeer shows common threats, vulnerabilities, and misconfiguration including the recently disclosed issues in Log4j, including actionable remediation and best practices.
/presentations/cloud-native-app-security/en/mediumimage/Brian-Vermeer-m-1656052906287.jpg)
-
Panel: Secure Systems
The panelists discuss the security for the software supply chain and software security risk measurement.
/presentations/security-software-supply-chain/en/mediumimage/qcon-plus-m-1651751448809.jpg)
-
One Ring -3 to Secure Them All: Computing with Hardware Enclaves
Aaron Bedra explores the most widely available options and their usage in IoT and cloud, discussing design trade-offs, security, and performance.
/presentations/iot-cloud-options-production/en/mediumimage/Aaron_Bedra-m-1648800935854.jpg)
-
Application-Layer Encryption Basics for Developers
Isaac Potoczny-Jones covers the basics of encryption, what are application-layer and infrastructure-layer encryption, when to use asymmetric and symmetric keys, and how to do key management.
/presentations/application-encryption-basics/en/mediumimage/isaac-potoczny-jones-m-1648799228542.jpg)
-
Cloud DevSecOps in Practice: People, Processes and Tools
The panelists discuss how to get the right security, DevOps, and cloud engineering stakeholders together to build a realistic DevSecOps strategy.
/presentations/cloud-devsecops-strategy/en/mediumimage/infoq-live-logo-m-1647596251841.jpg)