InfoQ Homepage Security Content on InfoQ
-
Failing Fast: the Impact of Bias When Speeding up Application Security
Laura Bell explores how bias impacts the security of a development lifecycle and examines 3 common biases that lead to big issues in this space.
-
Being Secure by Default
Dan Abel discusses how they have changed their culture and built confidence in security practices with a culture of collaboration across their organization.
-
Armor CLAD Functions
Guy Podjarny talks about how to properly secure our cloud functions. He uses a model called CLAD to remember what's left to protect, and discusses concrete practices to scale our defences.
-
Let Devs Be Devs: Abstracting away Compliance and Reliability to Accelerate Modern Cloud Deployments
Rahul Arya shares how they built a platform to abstract away compliance, make reliability with Chaos Engineering completely self-serve, and enable developers to ship code faster.
-
Automating Chaos Attacks
Daniel Albuquerque and Nikos Katirtzis show how to run attacks in both manual and automated ways.
-
Reconciling Performance and Security in High Load Environments
Ignat Korchagin explores how to drive security in a high performance environment and make it a welcome and natural part of the product lifecycle.
-
Keep Calm and Secure Your CI/CD Pipeline
Sonya Moisset shows how to create a secure continuous integration/continuous deployment pipeline.
-
Designing Secure Architectures the Modern Way, Regardless of Stack
Eugene Pilyankevich shares his experience of implementing sophisticated defenses in constrained environments and explains why designing it properly is what counts.
-
Security Vulnerabilities Decomposition
Katy Anton flips the security from focusing on vulnerabilities (measured at the end) to focusing on the security controls which can be used by developers from beginning in software development cycle.
-
Predicting Cryptocurrency Exchange Rates with Stream Processing, Social Data and Online Learning
Tim Frey discusses how iunera used social data from Twitter in machine learning to predict crypto currency exchange rates.
-
Running Third-Party JavaScript
Kate Sills discusses how to minimize the risks of running third-party JavaScript. She goes over POLA, and how object capabilities can help grant specific, limited resources to third-party code.
-
Policy Enforcement on Kubernetes with Open Policy Agent
Aleks Saul and Jaime Gonzalez Aguilar introduce Rego, the language used to describe OPA policies, recent updates to OPA, and break down sample policies for common use cases.