InfoQ Homepage Security Content on InfoQ
-
Reflecting on a Life Watching Movies and a Career in Security
Jason Chan talks about some trends in the movie industry that relate well to similar changes in technology and security.
-
How to Build More Secure Service Brokers
Denise Yu highlights common threat assessment frameworks, drawing attention to potential vulnerabilities in service broker architecture, and offering system design guidelines and resources.
-
How to Use Encryption for Defense in Depth in Native and Browser Apps
Isaac Potoczny-Jones discusses the pros and cons of application-level and end-to-end encryption.
-
Building a DevSecOps Pipeline around Your Spring Boot Application
Hayley Denbraver looks into the tools, methodology, culture, and process changes to consider so that an organization is ready for the transformation needed for a DevSecOps pipeline.
-
Day 3: Security Auditing and Compliance
David Zendzian and Steve White discuss how to handle ongoing security requirements running on Cloud Foundry platforms.
-
Making Npm Install Safe
Kate Sills discusses how to minimize the risks of running third-party JavaScript.
-
Exploiting Common iOS Apps’ Vulnerabilities
Ivan Rodriguez walks through some of the most common vulnerabilities on iOS apps and shows how to exploit them.
-
Securing Your CI/CD Pipeline
Jeroen Willemsen shares his experience from various security automation implementation projects, showing how to secure a pipeline.
-
Security and Compliance Theater - The Seventh Deadly Disease
John Willis describes the “Seven Deadly Diseases of DevOps” with a focus on the most costly of them all - Security and Compliance Theater.
-
Small Is Beautiful: How to Improve Security by Maintaining Less Code
Natalie Silvanovich explains several causes of unnecessary attack surfaces and how to avoid them.
-
Secure IoT Command, Control, and Exfil with Apache MiNiFi
Andy LoPresto discusses the need to secure IoT devices, detailing how to do that with Apache MiNiFi.
-
Enabling Secure Code at Scale with Spring and OAuth2
Matt Ruel and Darren Forsythe discuss using Spring Security and OAuth2 to secure an application.