InfoQ Homepage Security Content on InfoQ
-
Tracy Miranda on Secure Supply Chains, SBOMs, and SLSA
In this episode, Tracy Miranda, a leader in the secure software supply chain domain, sat down with InfoQ podcast co-host Daniel Bryant and discussed the current state of the industry. Topics covered included the benefits of SBOMs and SLSA, getting started with generating SBOMs, and how developers should work with leadership when evaluating their organization’s security posture.
-
Dan Benjamin on Cloud Data Security and Data Detection and Response
In this podcast, Srini Penchikala spoke with Dan Benjamin, the CEO of Dig Security, on three main topics: Cloud Data Security, Data Security Posture Management, Data Detection and Response (DDR).
-
Kim Lewandowski and Michael Lieberman on Securing the Software Supply Chain with SLSA
Charles Humble talks to Kim Lewandowski and Michael Lieberman about the SLSA framework. They discuss why the software supply chain is under growing attack, explore the key ideas in SLSA and its connection to Google’s Binary Authentication for Borg, and think about how the framework might evolve.
-
Cyber Security with Maxime Lamothe-Brassard
On this episode of the InfoQ Podcast, Thomas Betts talks with Maxime Lamothe-Brassard about cybersecurity. Understanding security is very similar to understanding software architecture, with general concepts applicable to everyone, and specific needs that depend on your situation. The discussion covers roles and responsibilities, DevSecOps, and the current and future state of cloud-native security
-
Michelle Brenner Builds Netflix Workstations and Enables Artists to Create From Anywhere
Producing television shows and movies at Netflix-scale means having a way to efficiently work with many artists and content creators. Netflix Workstations were created as a cloud-based solution to provide artists with secure access to the applications and content they need to complete their work. We talk about the benefits and trade-offs of the solution that enables artists to create from anywhere
-
Derek Weeks on the 2020 DevSecOps Community Survey Results
In this podcast Shane Hastie, Lead Editor for Culture & Methods, spoke to Derek Weeks of Sonatype about the results of the 2020 DevSecOps Community Survey and the All Day DevOps conference.
-
Chris Matts & Tony Grout on IT Risk Management Framework as a Catalyst for Change
In this podcast Shane Hastie, Lead Editor for Culture & Methods, talks to Tony Grout and Chris Matts about building an IT risk management framework at a large bank and using that as a catalyst for a digital transformation.
-
Chris Matts on BDD, Real Options, Risk Management and the Impact of Culture for Effective Outcomes
In this podcast Chris Matts, “The IT Risk Manager”, one of the original thinkers behind Real Options, Feature Injection and Behaviour Driven Development, talks about BDD, Real Options, Risk Management and the Impact of Culture for Effective Outcomes.