InfoQ Homepage Application Security Content on InfoQ
-
/articles/istio-security-mtls-jwt/en/smallimage/istio-security-mtls-jwt-s-1534205189556.jpeg)
Increasing Security with a Service Mesh: Christian Posta Explores the Capabilities of Istio
Istio attempts to solve some particularly difficult challenges when running applications in a cloud platform: application networking, reliability, and observability and (the focus of this article) security. With Istio, communication between services in the mesh is secure and encrypted by default. Istio can also help with "origin" or "end-user" JWT identity token verification.
-
/articles/security-ethics/en/smallimage/security-ethics-logo-1534010626256.jpeg)
The Ethics of Security
Like security, tech ethics is about trying to prevent our systems from hurting users or anyone else.
-
/articles/security-cloud-cheslock/en/smallimage/LOGO-b.jpeg)
A Security Approach for a Cloudy World: An Interview with Pete Cheslock
Does your approach to application and data center security change when adopting cloud services? To learn more about this topic, InfoQ reached out to Pete Cheslock, head of operations and support teams at Threat Stack.
-
/articles/containers-hype-curve/en/smallimage/series-logo.jpg)
Article Series: Containers in the Real World - Stepping Off the Hype Curve
This article series explains how containers are actually being used within the enterprise. It dives into the core technology behind containers and how this is currently being used by developers, examines core challenges with deploying containers in the enterprise and the future of containerisation, and discusses the role unikernels are currently playing within leading-edge organisations.
-
/articles/adaptive-security-maths/en/smallimage/logo-mathematics.jpg)
The Mathematics of Adaptive Security
Enterprise security teams are charged with maintaining the “perfect” set of security policies. In their pursuit of the perfect security policy, they are often the department of slow (because the pursuit of perfection takes time). At the same time, “to err is human…”
-
/articles/beyond-blacklisting-cyberdefense-advanced-persistent-threats/en/smallimage/logo.jpg)
Beyond Blacklisting: Cyberdefense in the Era of Advanced Persistent Threats
In this article, authors discuss the security vulnerabilities in software applications and how whitelisting approach has advantages over blacklisting. They also talk about how to implement the whitelisting security policies and cost involved with it.