InfoQ Homepage Cloud Security Content on InfoQ
-
How DoorDash Ensures Velocity and Reliability through Policy Automation
Lin Du discusses the details of their approach at DoorDash; how they enabled their engineers to self-serve infrastructure through policy automation while ensuring both reliability and high velocity.
/presentations/policy-automation-velocity-reliability/en/mediumimage/LinDu-medium-1706689451713.jpg)
-
Programming Your Policies: Exploring Open Policy Agent and More
Justin Cormack discusses how to deal with policies, what the business drivers are, how it affects developers, compliance and security departments, and the cultural and communication changes there.
/presentations/policy-dealing-with/en/mediumimage/Justin-Cormack-medium-1691573825461.jpg)
-
Cloud DevSecOps in Practice: People, Processes and Tools
The panelists discuss how to get the right security, DevOps, and cloud engineering stakeholders together to build a realistic DevSecOps strategy.
/presentations/cloud-devsecops-strategy/en/mediumimage/infoq-live-logo-m-1647596251841.jpg)
-
Let Devs Be Devs: Abstracting away Compliance and Reliability to Accelerate Modern Cloud Deployments
Rahul Arya shares how they built a platform to abstract away compliance, make reliability with Chaos Engineering completely self-serve, and enable developers to ship code faster.
/presentations/compliance-jpmorgan/en/mediumimage/Rabig-1607696926422.JPG)
-
Policy Enforcement on Kubernetes with Open Policy Agent
Aleks Saul and Jaime Gonzalez Aguilar introduce Rego, the language used to describe OPA policies, recent updates to OPA, and break down sample policies for common use cases.
/presentations/rego-opa/en/mediumimage/Alebig-1591521264640.JPG)
-
Security and Compliance Theater - The Seventh Deadly Disease
John Willis describes the “Seven Deadly Diseases of DevOps” with a focus on the most costly of them all - Security and Compliance Theater.
/presentations/security-compliance/en/mediumimage/Jobig-1583757240262.JPG)
-
The Common Pitfalls of Cloud Native Software Supply Chains
Daniel Shapira talks about some of the common security vulnerabilities found in cloud-native environments and why it’s important to take security measures immediately to protect instances in the cloud
/presentations/pitfalls-cloud-native-supply-chains/en/mediumimage/Daniel-Shapira-m-1579744171056.jpg)
-
Mind the Software Gap: How We Can Operationalize Privacy & Compliance
Jean Yang talks about some of the ways GDPR and CCPA can influence software, but also about practical solutions to protecting data privacy and security.
/presentations/gdpr-ccpa-privacy/en/mediumimage/Jeabig-1575475429593.JPG)
-
Beyond Entitlements for Cloud-native
Chandra Guntur and Hong Liu show how they use Open Policy Agent with Spring Boot and HOCON to produce a responsibility management solution that scales to volume and performance needs.
/presentations/opa-spring-boot-hocon/en/mediumimage/opa-spring-boot-hocon-m-1570032482345.jpg)
-
A Continuation of Devops: Policy as Code
Gareth Rushgrove looks at examples of tools that move security controls into code and explores how policy as code can work at the team level.
/presentations/policy-as-code/en/mediumimage/Garbig-1563151806713.JPG)
-
A Journey into Intel’s SGX
Jessie Frazelle discusses Intel's SGX technology. Frazelle also covers an overview of computer architecture, detailing one hardware version, its flaws and changes to come in a future version.
/presentations/intel-sgx/en/mediumimage/Jessie-Frazelle-m-1558595441584.jpeg)
-
Intel's Cloud-Native Transformation
Liel Chayoun and Roi Ezra discuss Intel’s transition to cloud-native and microservices.
/presentations/intel-cloud-native-microservices/en/mediumimage/Doibig-1548441855150.JPG)