InfoQ Homepage Security Content on InfoQ
-
Cloud Attack Emulation: Leveraging the Attacker’s Advantage for Effective Defense
Kennedy Torkura discusses cloud attack emulation, the attacker's perspective, and threat-informed defense for stronger cloud security.
/presentations/cloud-attack-emulation/en/mediumimage/kennedy-torkura-medium-1744786727819.jpg)
-
LLM and Generative AI for Sensitive Data - Navigating Security, Responsibility, and Pitfalls in Highly Regulated Industries
Stefania Chaplin and Azhir Mahmood discuss responsible, secure, and explainable AI in regulated industries. Learn MLOps, legislation, and future trends.
/presentations/llm-ml-security/en/mediumimage/azhir-stefania-medium-1741181597784.jpg)
-
Comprehensive Approaches to Software Supply Chain Security
Mykhailo Brodskyi discusses critical software supply chain security risk categories relevant to FinTech and explains effective mitigation strategies. Real case studies & demo included.
/presentations/supply-chain-security/en/mediumimage/michael-brodskiy-medium-1741258778491.jpeg)
-
Dare Mighty Things: What NASA's Endeavors Teach Us about the Power of Calculated RISCs
Khawaja Shams explores the essence of calculated risks, discussing why these risks are worth taking, how to identify and mitigate potential downsides, and the characteristics of good risks.
/presentations/nasa-calculated-risks/en/mediumimage/khawaja-shams-medium-1740573020029.jpeg)
-
A Zero Trust Future for Applications: Practical Implementation and Pitfalls
Ashish Rajan shares a practical guide to working on zero trust, exploring where it fails before it starts and where engineers should see quick wins. Surprisingly, the answer is not really DevSecOps.
/presentations/zero-trust-devsecops/en/mediumimage/ashish-rajan-medium-1738148760241.jpeg)
-
Flawed ML Security: Mitigating Security Vulnerabilities in Data & Machine Learning Infrastructure with MLSecOps
Adrian Gonzalez-Martin introduces the motivations and the importance of security in data & ML infrastructure through a set of practical examples showcasing "Flawed Machine Learning Security".
/presentations/mlsecops/en/mediumimage/adrian-gonzalez-medium-1737539353155.jpeg)
-
Efficient DevSecOps Workflows with a Little Help from AI
Michael Friedrich tells a story about experienced pain points, wasted hours debugging and solving, and learning how a little help from AI makes DevSecOps workflows efficient again.
/presentations/devsecops-ai/en/mediumimage/MichaelFriedrich-medium-1734515745316.jpg)
-
From Anti-Patterns to Best Practices: a Practical Guide to DevSecOps Automation and Security
Spyros Gasteratos discusses security patternsand provides alternatives to detrimental practices, along with a compilation of free and open-source tools endorsed by the community.
/presentations/security-best-practices-tools/en/mediumimage/Spyros-Gasteratos-medium-1733145877904.jpg)
-
Trends in InfoSec: Data Minimization, Autoclassification, and Ethical AI
Rachael Greaves provides a summary of the requirements for data lifecycle management, the technology approaches, and the risks, and includes a Data Minimization Best Practice Checklist.
/presentations/trends-infosec/en/mediumimage/RachaelGreaves-medium-1731486542179.jpeg)
-
Beyond the Breach: Proactive Defense in the Age of Advanced Threats
Michael Brunton-Spall discusses some of the most advanced attacks that are in the public domain, mostly attributed in public by commercial organizations.
/presentations/security-advanaced-threats/en/mediumimage/michael-medium-1726825001794.jpg)
-
Best Practices to Secure Web Applications
Loiane Groner discusses the best practices for secure coding, input validation techniques, the importance of strategic error handling and logging, and how to manage file uploads safely.
/presentations/practices-web-app-security/en/mediumimage/LoianeGroner-medium-1726126468139.jpg)
-
Risk and Failure on the Path to Staff Engineer
Caleb Hyde discusses their career progression and regressions, as well the context they used to figure out what to work on and whom to work with, distilling a framework to utilize in one’s own work.
/presentations/risk-failure-staff/en/mediumimage/CalebHyde-medium-1719490511687.jpg)