InfoQ Homepage Security Content on InfoQ
-
CredHub and Secure Credential Management
Peter Blum and Scott Frederick discuss using Pivotal’s CredHum to enhance security within Cloud Foundry and applications through secret management.
/presentations/credhub/en/mediumimage/Petbig-1516580253607.JPG)
-
Towards Memory Safety in Intel SGX Enclave
Yu Ding discusses Rust SGX SDK which combines Intel SGX together with Rust. Developers could write memory-safe SGX enclave easily, eliminating the possibility of being pwned intrinsically.
/presentations/intel-sgx-enclave/en/mediumimage/Yubig-1514950355202.JPG)
-
Control Flow Integrity Using Hardware Counters
J. Butler and C. Pierce present a system for early detection and prevention of unknown exploits. Their system uses Performance Monitoring Unit hardware to enforce coarse-grained Control Flow Integrity
/presentations/control-flow-integrity-counters/en/mediumimage/Doibig-1513384172140.JPG)
-
Architecting a Modern Financial Institution
Edward Wible and Rafael Ferreira discuss the key elements that make Nubank tick for millions of customers every day, and some key security decisions they made along the way.
/presentations/nubank-architecture/en/mediumimage/ArchitectingAModernFinancialInstitution-1517498409618.jpg)
-
From Threat Hunting to Crowd Defense
Richard Zhao talks about TI and AI in real practices, and crowd defense - a way to integrate defense measures against both targeted and untargeted attacks.
/presentations/ti-ai-crowd-defense/en/mediumimage/Ricbig-1513131782597.JPG)
-
Confusion in the Land of the Serverless
Sam Newman introduces serverless computing, discussing how security, resilience, patterns (circuit breaker), vendor lock-in, and microservices are addressed with this technology.
/presentations/serverless-issues/en/mediumimage/Sambig-1510513624219.JPG)
-
Cybercrime and the Developer: How to Start Defending against the Darker Side
Steve Poole discusses actions one can take (and some behaviors one must change) to create a more secure Java application for the cloud.
/presentations/java-security/en/mediumimage/Stebig-1510368672412.JPG)
-
Fighting Online Fraud and Abuse with Large-Scale Machine Learning at Sift Science
Jacob Burnim discusses Sift’s approach to building a ML system to detect fraud and abuse, including training models, handling imbalanced classes, sharing learning, measuring performance, etc..
/presentations/machine-learning-fraud-abuse/en/mediumimage/Jacbig-1509988681410.JPG)
-
Beyond OAuth2: End to End Microservice Security
Will Tran discusses enforcing microservices’ security policies with OAuth2.
/presentations/oauth2-microservices-security/en/mediumimage/Wilbig-1509331357437.JPG)
-
Digital Assets: Lessons in Securing What’s Next
Rob Witoff recaps on the past several years at the largest cryptocurrency company in the world and explores technical infrastructure and security lessons learned that apply to what’s next in Fintech.
/presentations/fintech-security-infrastructure/en/mediumimage/Robbig-1508798668259.JPG)
-
Lessons Learned from Fighting Nation States in Cyber Space
Dmitri Alperovitch covers important lessons learned from the hack of the DNC incidents like nation-state intrusions from China, Iran, North Korea, Russia and other countries.
/presentations/security-cyberspace/en/mediumimage/Dmibig-1508376856186.jpg)
-
Solving Payment Fraud and User Security with ML
Soups Ranjan talks about Coinbase’s risk program that relies on machine learning (supervised and unsupervised), rules-based systems as well as highly-skilled human fraud fighters.
/presentations/coinbase-risk-machine-learning/en/mediumimage/Soubig-1507251574285.jpg)