InfoQ Homepage Security Content on InfoQ
-
The Imitation Game: The New Frontline of Security
S. Ghosemajumder reviews the evolution of AI based security attacks that imitate the actions of real people, and looks at how they are changing the nature of developing online applications securely.
/presentations/ai-security/en/mediumimage/Shubig.JPG)
-
A How-to Guide to Security in the PAAS Cloud
John Field and Shawn McKinney examine the security of a typical Java web application and describe 5 common application security architecture patterns taken from real world customer problems.
/presentations/security-paas-cloud/en/mediumimage/Doibig.JPG)
-
Securing Microservices with Spring Cloud Security
Will Tran talks about the authentication and authorization scenarios that one may encounter once he starts building out microservices.
/presentations/microservices-security-spring-cloud/en/mediumimage/Willbig.JPG)
-
Weaving Security into the SDLC
Bill Sempf discusses security in the context of the SDLC, presenting the analysis results from reviewing several code sources, the problems found and the corresponding solutions.
/presentations/security-sdlc/en/mediumimage/Billbig.JPG)
-
Here Be Dragons: Security Maps of the Container New World
Josh Bregman explores some of the security challenges created by both the development workflow and application runtime, why SecDevOps 1.0 is insufficient, and how SecDevOps 2.0 can help.
/presentations/secdevops-sdv/en/mediumimage/Joshbig.JPG)
-
Privacy is Always a Requirement
Eleanor McHugh shares insights on digital privacy, encouraging others to gather the minimum information possible about their users in order to serve their needs.
/presentations/privacy/en/mediumimage/Elebig.JPG)
-
Federating the AWS CLI with an Identity Provider
Paul Moreno shows how to federate AWS IAM permissions, roles, and users with a directory service such as LDAP or Active Directory with an Identity Provider.
/presentations/aws-cli-federation/en/mediumimage/Paulbig.JPG)
-
Crafting an Effective Security Organization
Rich Smith discusses the progressive approaches taken by the Etsy security team to provide security while not destroying the freedoms of the Etsy engineering culture that are loved so much.
/presentations/security-etsy/en/mediumimage/Richbig.JPG)
-
Real Threat and Real Defenses – Case Study of the Unknown
Alex Holden examines hackers’ techniques, skills, and shortfalls. He takes a snapshot of the current threat landscape and derives practical lessons by analyzing a number of high profile breaches.
/presentations/hackers-threat-defense/en/mediumimage/Alexbig.JPG)
-
Operating Microservices
Michael Brunton-Spall shows how DevOps-like patterns can be applied on microservices to give the development teams more responsibility for their choices, and much more.
/presentations/microservices-devops-patterns/en/mediumimage/Michaelbig.JPG)
-
Designing Secure Services with Unikernels: a Tough Nut to Crack
Anil Madhavapeddy describes how to design and build "deploy-and-forget" cloud services that are specialized into unikernels, single-address space virtual machines.
/presentations/secure-services-unikernels/en/mediumimage/Anilbig.JPG)
-
Practical Insights when Designing an API from Scratch
Paul Glavich discusses design decisions to be made when building a new API regarding versioning, hypermedia usage, authentication and other aspects.
/presentations/api-design-saasu/en/mediumimage/Paulbig.JPG)