InfoQ Homepage Security Content on InfoQ
-
A Big Dashboard of Problems: Creating Preventative Security Strategies
Travis McPeak explores the forefront of simple and effective preventative security strategies.
-
Programming Your Policies: Exploring Open Policy Agent and More
Justin Cormack discusses how to deal with policies, what the business drivers are, how it affects developers, compliance and security departments, and the cultural and communication changes there.
-
Beyond Default Settings: Evaluating the Security of Kubernetes and Cloud Native Environments
The panelists discuss default configurations, authentication, and access control mechanisms in the context of what Kubernetes brings to the table in terms of security.
-
Log4Shell Response Patterns & Learnings from Them
Tapabrata Pal describes three broad categories of enterprises based on their responses to Log4Shell and identifies the key characteristics of each of these patterns.
-
Securing Microservices: Preventing Vulnerability Traversal
Stefania Chaplin is looking at OWASP recommendations and Kubernetes best practices to find out more about how to secure microservices and reduce vulnerability traversal.
-
Best Practices for API Quality and Security
The panelists discuss how to improve quality and security in API design and management, what the biggest challenges are and how to address them.
-
Vulnerability Inbox Zero
Alex Smolen discusses dealing with security vulnerabilities both in the main product and the security scanner used to analyze it.
-
Slack’s DNSSEC Rollout: Third Time’s the Outage
Rafael de Elvira Tellez discusses a case study of what happened when a large SaaS company enabled DNSSEC.
-
Securing APIs and Microservices in the Cloud
Stefania Chaplin discusses how to secure APIs and microservices in the cloud based on OWASP recommendations.
-
Implementing Passwordless Logins with WebAuthn Protocol
Adib Saikali overviews the Web Authentication protocol which enables secure user-friendly authentication processes. He is using a sample Spring Security-based application.
-
Perspectives on Trust in Security & Privacy
The panelists discuss balancing the adjustment of the security posture and the user experience.
-
Securing Java Applications in the Age of Log4Shell
Simon Maple looks at how one can be more proactive and defensive in decisions for future Log4Shell like scenarios, considering, identifying and reducing the risk introduced into applications.