Security Content on InfoQ
-
User & Device Identity for Microservices @ Netflix Scale
Satyajit Thadeshwar provides useful insights on how Netflix implemented a secure, token-agnostic, identity solution that works with services operating at a massive scale.
-
Securing Software from the Supply Side
Nickolas Means talks about the tools that GitHub provides for Open Source maintainers to improve the safety and security of the software supply chain at the source.
-
Mind the Software Gap: How We Can Operationalize Privacy & Compliance
Jean Yang talks about some of the ways GDPR and CCPA can influence software, and about practical solutions for protecting data privacy and security.
-
Hello, Spring Security 5.2
Rob Winch, Eleftheria Stein-Kousathana and Filip Hanik walk through “hello security,” demonstrating how Spring Security can be customized to meet business requirements.
-
Multi-Tenancy OAuth with Spring Security 5.2
Josh Cummings introduces AuthenticationManagerResolver, a simple interface from Spring Security.
-
Maintaining the Go Crypto Libraries
Filippo Valsorda talks about the challenges in maintaining and keeping the cryptographic libraries written in Go secure, safe, useful and modern.
-
Security for Managers
Mario Areias presents a different way of engaging security and, in doing so, makes the case that security can deliver value without necessarily being a blocker.
-
How Much Does It Cost to Attack You?
Jarrod Overson describes the cost vs value justification of an attack, how it shifts over time, and why it means that silver bullets just don’t exist.
-
Beyond Entitlements for Cloud-native
Chandra Guntur and Hong Liu show how they use Open Policy Agent with Spring Boot and HOCON to produce a responsibility management solution that scales to volume and performance needs.
-
Software Supply Chain Management with Grafeas and Kritis
Aysylu Greenberg discusses the goals for Grafeas and Kritis used to secure a company's software supply chain, and concludes with the details of current and future development.
-
Modern WAF Bypass Scripting Techniques for Autonomous Attacks
Johnny Xmas talks about some of the techniques people are using in automated attacks and some of the ways people circumvent website protection.
-
Making 'npm install' Safe
Kate Sills talks about some of the security issues with using NPM packages, and about Realms and SES (Secure ECMAScript) as possible solutions to NPM package security vulnerabilities.