InfoQ Homepage Security Content on InfoQ
-
Managing Thousands of Data Services @Heroku
Gabriel Enslein discusses the evolution of fleet orchestration, immutable infrastructure, security auditing for managing data services for many Salesforce customers.
/presentations/salesforce-data-storage-services/en/mediumimage/Gabbig.JPG)
-
Empowering Devices for IoT with Erlang and FPGA
Irina Guberman discusses challenges using FPGAs and Erlang in IoT, including enforcing security and updating FPGA devices on the fly.
/presentations/iot-erlang-fpga/en/mediumimage/Irinabig.JPG)
-
Doorman - An Osquery Fleet Manager
Marcin Wielgoszewski talks about how his company uses Doorman and osquery to provide visibility into their infrastructure to enforce security.
/presentations/doorman-osquery/en/mediumimage/Marbig.JPG)
-
Secure Microservices Adoption
Grygoriy Gonchar describes the benefits of the microservices architecture for security and how to deal with authentication, keeping track of dependencies and storing lots of credentials.
/presentations/microservices-security/en/mediumimage/Grybig.JPG)
-
BLESS: Better Security and Ops for SSH Access
Bryan Payne talks about BLESS in general: what it is, how it works, and how we can start using it. He explores the Netflix BLESS production architecture and how other companies have used BLESS.
/presentations/bless-security-ops-ssh/en/mediumimage/Brybig.JPG)
-
Practical mTLS: Security without the Headaches
Ying Li discusses in detail the implementation challenges of Swarm, how her team at Docker greatly reduced the overhead necessary to manage an infrastructure that makes use of TLS certificates.
/presentations/tls-swarm-pki/en/mediumimage/Yinbig.JPG)
-
This Will Cut You: Go's Sharper Edges
Thomas Shadwell talks about how distinct, exploitable misuse patterns arise in software languages, and through examples in Go hopes to show the language's distinct security characteristics.
/presentations/go-security/en/mediumimage/Thobig.JPG)
-
Building Secure Player Experiences at Riot Games
David Rook talks about the Riot Games Application Security program. He focusses on the tech and social aspects of the program and why he feels both are important when it comes to writing secure code.
/presentations/security-riot-games/en/mediumimage/Davbig.JPG)
-
How to Backdoor Invulnerable Code
Josh Schwartz takes a look at the real tactics, with examples, used to compromise and backdoor seemingly secure products by exploiting the humans and systems that create them.
/presentations/backdoor-code/en/mediumimage/Joshbig.JPG)
-
Blockchain: The Oracle Problems
Paul Sztorc talks about why the oracle problem is so hard (the historical evolution of failures, why they fail), and the basics of blockchain ("blockchain as immortal software", ledger "rents").
/presentations/blockchain-oracle-problems/en/mediumimage/Paulbig.JPG)
-
Case Study: Alternate Blockchains
Jeremy Rand talks about Namecoin and Monero, the advantages to alternate blockchains, and risks of using chains that are not as secured or are merge mined.
/presentations/namecoin-monero/en/mediumimage/Jerbig.JPG)
-
Practical Blockchains: Building on Bitcoin
Peter Todd answers the questions: why use Bitcoin over other blockchains, what is safe, future proof ways to peg data to Bitcoin's blockchain and what is Bitcoin script, and how it can be used.
/presentations/blockchain-bitcoin/en/mediumimage/Petbig.JPG)