InfoQ Homepage Security Content on InfoQ
-
DevSecOps: Security at the Speed of DevOps
Larry Maccherone introduces the DevSecOps manifesto and provides a process model to accomplish the necessary mindset shift and achieve effective DevSecOps culture transformation.
/presentations/devsecops/en/mediumimage/Larbig-1551051566887.JPG)
-
Using CredHub for Kubernetes Deployments
Peter Blum, Eugene Kiselev discuss using CredHub to store sensitive data in Kubernetes clusters on PCF.
/presentations/credhub-kubernetes-pcf/en/mediumimage/Petbig-1550891601589.JPG)
-
Securing OAuth 2.0 Resources in Spring Security 5
Josh Cummings and Joe Grandja take a look at two insecure applications--one a web application and the other a REST API--and integrate them both with an OAuth 2.0 Authorization Server.
/presentations/oauth-2-spring-security-5/en/mediumimage/Jobig-1550020383807.jpg)
-
Securing Pivotal Cloud Foundry by Regularly Rebuilding
Lance Rochelle discusses how rebuilding regularly affects the partnership between the PCF team and other teams within a highly regulated organization, real cost savings, and reducing risk.
/presentations/pcf-rebuilding/en/mediumimage/Lanbig-1549732919804.JPG)
-
Microservices Security Patterns & Protocols with Spring & PCF
Adib Saikali introduces the patterns and protocols used to secure microservices, covering JWT, JWA, JWS, JWE, JWK, OAuth2, OpenId Connect, and demoing an application build using Spring & PCF.
/presentations/microservices-security-spring-pcf/en/mediumimage/Adib-Saikali-M-1549531960618.jpeg)
-
Intel's Cloud-Native Transformation
Liel Chayoun and Roi Ezra discuss Intel’s transition to cloud-native and microservices.
/presentations/intel-cloud-native-microservices/en/mediumimage/Doibig-1548441855150.JPG)
-
Implementing PII Encryption with PDX Serialization
Gideon Low and Niranjan Sarvi describe an implementation of PII encryption for Geode applications via use of custom PDX Serialization.
/presentations/p2-encryption-pdx-geode/en/mediumimage/Gidbig-1547081995678.JPG)
-
Securing Microservices in Hybrid Cloud
Komes Subramaniam introduces T-Mobile’s Authentication and Authorization Process (TAAP), presenting how it works and what are the benefits.
/presentations/taap/en/mediumimage/Doibig-1546031984272.JPG)
-
Risk Profiling
Jaume Jornet talks about why eDreams ODIGEO does Risk Profiling for product teams, how to introduce Risk Profiling in the organizations, and how it helps to move the company to highest maturity levels
/presentations/risk-profiling/en/mediumimage/Jaume-Jornet-m-1544124420224.jpg)
-
Reactive Spring Security 5.1 by Example
Rob Winch demos applying Spring Security to a reactive application, highlighting some of the new features in Spring Security 5.1.
/presentations/reactive-spring-security-5-1/en/mediumimage/Rob-Winch-m-1542098290941.jpg)
-
Securing Spring Functions by Breaking in
Guy Podjarny breaks into a Spring Cloud Functions application and exploits multiple weaknesses, explaining how to avoid them.
/presentations/spring-cloud-functions-security/en/mediumimage/guy-podjarny-m-1542097800566.jpeg)
-
Defense in Depth: in Depth
Chelsea Komlo looks at what defense in depth means from a variety of roles and perspectives, how it can help organizations prevent unforeseen attacks and limit damage when compromises do occur.
/presentations/defense-in-depth/en/mediumimage/Chelsea-Komlo-m-1541205815227.jpeg)