InfoQ Homepage Security Content on InfoQ
-
Security or Convenience - Why Not Both?
Dorota Parad discusses the BLISS framework for security, showing senior developers and leaders how to enhance security while boosting engineering productivity and minimizing operational friction.
/presentations/security-productivity/en/mediumimage/dorota-parad-medium-1751009275471.jpg)
-
Visibility in Cloud Security: How Exactly Are Our Cloud Environments Configured?
Danielle Sudai discusses Cloud Security Posture Management (CSPM), its lifecycle (inventory, scan, notify), and how it helps developers prevent cloud security incidents.
/presentations/visibility-cloud-security/en/mediumimage/danielle-sudai-medium-1744787122665.jpg)
-
Cloud Attack Emulation: Leveraging the Attacker’s Advantage for Effective Defense
Kennedy Torkura discusses cloud attack emulation, the attacker's perspective, and threat-informed defense for stronger cloud security.
/presentations/cloud-attack-emulation/en/mediumimage/kennedy-torkura-medium-1744786727819.jpg)
-
LLM and Generative AI for Sensitive Data - Navigating Security, Responsibility, and Pitfalls in Highly Regulated Industries
Stefania Chaplin and Azhir Mahmood discuss responsible, secure, and explainable AI in regulated industries. Learn MLOps, legislation, and future trends.
/presentations/llm-ml-security/en/mediumimage/azhir-stefania-medium-1741181597784.jpg)
-
Comprehensive Approaches to Software Supply Chain Security
Mykhailo Brodskyi discusses critical software supply chain security risk categories relevant to FinTech and explains effective mitigation strategies. Real case studies & demo included.
/presentations/supply-chain-security/en/mediumimage/michael-brodskiy-medium-1741258778491.jpeg)
-
Dare Mighty Things: What NASA's Endeavors Teach Us about the Power of Calculated RISCs
Khawaja Shams explores the essence of calculated risks, discussing why these risks are worth taking, how to identify and mitigate potential downsides, and the characteristics of good risks.
/presentations/nasa-calculated-risks/en/mediumimage/khawaja-shams-medium-1740573020029.jpeg)
-
A Zero Trust Future for Applications: Practical Implementation and Pitfalls
Ashish Rajan shares a practical guide to working on zero trust, exploring where it fails before it starts and where engineers should see quick wins. Surprisingly, the answer is not really DevSecOps.
/presentations/zero-trust-devsecops/en/mediumimage/ashish-rajan-medium-1738148760241.jpeg)
-
Flawed ML Security: Mitigating Security Vulnerabilities in Data & Machine Learning Infrastructure with MLSecOps
Adrian Gonzalez-Martin introduces the motivations and the importance of security in data & ML infrastructure through a set of practical examples showcasing "Flawed Machine Learning Security".
/presentations/mlsecops/en/mediumimage/adrian-gonzalez-medium-1737539353155.jpeg)
-
Efficient DevSecOps Workflows with a Little Help from AI
Michael Friedrich tells a story about experienced pain points, wasted hours debugging and solving, and learning how a little help from AI makes DevSecOps workflows efficient again.
/presentations/devsecops-ai/en/mediumimage/MichaelFriedrich-medium-1734515745316.jpg)
-
From Anti-Patterns to Best Practices: a Practical Guide to DevSecOps Automation and Security
Spyros Gasteratos discusses security patternsand provides alternatives to detrimental practices, along with a compilation of free and open-source tools endorsed by the community.
/presentations/security-best-practices-tools/en/mediumimage/Spyros-Gasteratos-medium-1733145877904.jpg)
-
Trends in InfoSec: Data Minimization, Autoclassification, and Ethical AI
Rachael Greaves provides a summary of the requirements for data lifecycle management, the technology approaches, and the risks, and includes a Data Minimization Best Practice Checklist.
/presentations/trends-infosec/en/mediumimage/RachaelGreaves-medium-1731486542179.jpeg)
-
Beyond the Breach: Proactive Defense in the Age of Advanced Threats
Michael Brunton-Spall discusses some of the most advanced attacks that are in the public domain, mostly attributed in public by commercial organizations.
/presentations/security-advanaced-threats/en/mediumimage/michael-medium-1726825001794.jpg)