Security Content on InfoQ
-
Managing Secrets at Scale
Mark Paluch discusses keeping the security bar high while running services that require secrets, securely sharing and managing secrets (certificates, passwords, keys) using Vault and Spring Boot.
-
Modern Web Security, Lazy But Mindful Like a Fox
Albert Yu presents a few viable, usable and effective defensive techniques that developers have often overlooked.
-
OpenID Connect & OAuth - Demystifying Cloud Identity
Filip Hanik and Sree Tummidi talk about OpenID Connect and OAuth 2, sharing their experiences building the CF User Authentication and Account management project and an OpenID Connect implementation.
-
The Psychology of Security Automation
Jason Chan discusses how security teams can use thoughtful tools and automation to improve relationships with development teams while creating a more secure and manageable environment.
-
Art of Stepping on the Same Rake, Volume 2
Alex Holden talks about hackers and their attacks, their latest techniques and the defenses needed today and tomorrow. He also talks about a number of recent breaches as well as lessons learned.
-
What Happens When Data Gets Breached?
Jarrod Overson talks about a world where passwords are traded, sold, verified, and used to exploit sites, how to recognize malicious traffic, and how to take a stand against attackers.
-
To Spring Security 4.1 and beyond
Rob Winch and Joe Grandja discuss how to easily secure an application with Spring Security 4.1 and focus on some of the new features found in Spring Security 4.1.
-
An Authentication and Authorization Architecture for a Microservices World
David Ferriera describes how ForgeRock provides a standards-based blueprint that offers a flexible solution to balance security and performance while protecting Cloud Foundry services end-to-end.
-
Cloud Native Key Management
Justin Smith discusses credential hygiene in distributed systems, covering topics such as key-encrypting keys, hardware security modules, and promising advances in multi-party computation.
-
What I Learned from Four Years of Science-ing the Crap out of DevOps
Nicole Forsgren shares the results of studies spanning four years and 25,000 DevOps data points: continuous delivery and Lean management practices improve quality and security outcomes.
-
Are Your Microservices Naked and Afraid?
Alan Ho and Sandeep Murusupalli discuss the right type of protection (OAuth/Throttling) and monitoring (e.g. bot monitoring) that needs to be put in place to properly manage microservices.
-
Security Vulnerabilities in 3rd Party Code: FIX ALL THE THINGS
Kymberlee Price discusses vulnerability data and explores the source and spread of these vulnerabilities through products, along with advice on what can be done to address security vulnerabilities.