BT

Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ
News Articles Presentations Podcasts Guides

Topics

Choose your language

QCon San Francisco - image
QCon San Francisco

Level up your software skills by uncovering the emerging trends you should focus on. Register now.

 QCon London - image
QCon London

Discover emerging trends, insights, and real-world best practices in software development & tech leadership. Join now.

 QCon London - image
InfoQ Dev Summit Boston

Learn how senior software developers are solving the challenges you face. Register now with early bird tickets.

 The Software Architects Newsletter - image
The Software Architects' Newsletter

Your monthly guide to all the topics, technologies and techniques that every professional needs to know about. Subscribe for free.

InfoQ Homepage Cloud Security Content on InfoQ

Articles

RSS Feed
Newer Older
  • DevOps

    What Does Zero Trust Mean for Kubernetes?

    Zero trust is a powerful security model that’s at the forefront of modern security practices. It’s also a term that is prone to buzz and hype, making it hard to cut through the noise. So what is zero trust, exactly, and for Kubernetes, what does it mean in concrete terms? In this article, we’ll explore what zero trust is from an engineering perspective.

    William Morgan
    on Aug 25, 2022
  • DevOps

    What Developers Must Know about Zero Trust

    Zero trust solves the problem of open network access by allowing access only to the resources a user should be allowed to access. This article covers how to start working with zero trust principles and ideas.

    Gilad David Maayan
    on Aug 04, 2022
  • Cloud

    Managing Kubernetes Secrets with the External Secrets Operator

    Kubernetes doesn’t yet have the capabilities to manage the lifecycle of secrets, so sometimes we need external systems to manage this sensitive information. Once the amount of secret information we need to manage increases, we may need additional tools to simplify and better manage the process. In this article, we’ll take a detailed look at one of these tools, the External Secrets Operator.

    Önsel Akin
    on Aug 02, 2022
  • DevOps

    Using DevOps Automation to Combat DevOps Workforce Shortages

    A focus on automation can help to combat the current staffing struggles many organizations have with DevOps roles. Effective automation can reduce the toil experienced by developers. Automation efforts should focus on security operations, deployments, continuous delivery, QA testing, and continuous integration.

    Cody Littlewood
    on Jul 13, 2022
  • Culture & Methods

    Diving into Zero Trust Security

    The Zero Trust approach involves a combination of more-secure authentication approaches, such as MFA with profiling and posturing of the client device, along with some stronger encryption checks. This article shares some insights on Zero Trust Security for your organization and your customers, and how you can get started with it.

    Sindhuja Rao Deepank Dixit
    on Jun 23, 2022
  • DevOps

    Evolving DevSecOps to Include Policy Management

    A thorough implementation of policy management tools is required for effective compliance and security management in a DevOps environment. Companies that accept policy management in DevSecOps as a way of development and have adopted some level of policy management best practices tend to operate more efficiently.

    Ritesh Patel
    on May 26, 2022
  • DevOps

    The Role of DevOps in Cloud Security Management

    Different areas of cloud security must be examined to strengthen security in the cloud versus security of the cloud. This includes identifying requirements, defining the architecture, analyzing controls, and identifying gaps. Security must be both proactive and reactive, so it needs to be considered in every step of development.

    Dotan Nahum
    on Apr 22, 2022
  • Architecture & Design

    Designing Secure Tenant Isolation in Python for Serverless Apps

    Software as a Service (SaaS) has become a very common way to deliver software today. While providing the benefits of easy access to users without the overhead of having to manage the operations themselves, this flips the paradigm and places the responsibility on software providers for maintaining ironclad SLAs, as well as all of the security and data privacy requirements.

    Avichay Attlan
    on Apr 20, 2022
  • DevOps

    Strategies for Assessing and Prioritizing Security Risks Such as Log4j

    The evolving threat landscape requires a comprehensive approach to mitigation. An effective strategy is built on visibility, assessing vulnerabilities in context, effective use of filtering technologies, and monitoring for evidence of intrusion.

    Owen Garrett
    on Mar 28, 2022
  • DevOps

    Insights into the Emerging Prevalence of Software Vulnerabilities

    The software exploit landscape is constantly evolving and organizations need to be structured to stay ahead of these risks. A solid platform built on software best practices, education, and a good understanding of the threat landscape is critical to a strong defensive posture.

    Cynthia Freeney
    on Mar 25, 2022
  • DevOps

    Is Docker Secure Enough? Advice for Configuring Secure Container Images and Runtimes

    Ensure that Docker is secure enough by fine-tuning the security approach to meet your use cases. It is important to have an understanding of the differences between the Docker image and the Docker runtime and the security implications and priorities for each. This article covers a number of techniques for ensuring appropriate security for Docker.

    Rudy De Busscher
    on Feb 23, 2022
  • Cloud

    Using Cloud Native Buildpacks to Address Security Requirements for the Software Supply Chain

    Software supply chain attacks are increasing in severity and frequency, with no clear path laid out towards its mitigation. A simple way to trace the origin of vulnerable components is available in the form of Software Bill Of Materials (SBOMs), generated automatically when using Buildpacks.

    Ram Iyengar
    on Oct 06, 2021
Newer Articles
Older Articles
BT