InfoQ Homepage Security Content on InfoQ
-
Virtual Panel: DevSecOps and Shifting Security Left
Recent attacks, that targeted SolarWinds, Colonial Pipeline, and others, have shown that development environments come ever more frequently on the radar of malicious actors. A virtual panel on the value of shifting left security, how to take responsibility for it, and the time-to-market pitfalls.
-
Leveraging Diversity to Enhance Cybersecurity
How can we ensure there is a diverse mindset applied to cybersecurity? By including non-technical people, those from non-traditional backgrounds, and being intentional about avoiding herd mentality. If we as an industry proclaim security as a best practice, we must equally ensure diversity to ensure we have most effectively mitigated the risks that abound.
-
Bootstrapping the Authentication Layer and Server with Auth0.js and Hasura
When you're trying to prototype an MVP for your app and want to start iterating quickly, the upfront cost of setting up authentication can be a massive roadblock. The authentication layer requires significant work, and you must always be on the lookout for security vulnerabilities.
-
How to Bridge the Gap between Netops and Secops for Ultimate Network Management and Security
Sometimes it can seem like a new IT management paradigm arrives every week. First, we had DevOps; then DevSecOps; now the most innovative organizations are talking about AIOps and even NetAIOps. Yet what is often forgotten about in this rush to name new ways of working is that many of them have been in place in the best-run teams for decades - a great example of this is NetOps and SecOps.
-
DevSecOps: the Key to Securing Your Supply Chain in a Multi-Cloud Threatscape
Recent supply chain attacks require businesses to re-evaluate their approach to DevOps, specifically as it relates to security. The DevSecOps focus CI/CD platforms, testing and scanning across the SDLC, and a focus on minimizing manual efforts can not only improve security postures but also improve delivery of business value.
-
DevOps and Cloud InfoQ Trends Report - July 2021
This article summarizes how we see the "cloud computing and DevOps" space in 2021, which focuses on fundamental infrastructure and operational patterns, the realization of patterns in technology frameworks, and the design processes and skills that a software architect or engineer must cultivate.
-
Building Stronger Human Teams by Managing the Inner Lizards
Each of us has an inner lizard that frets constantly about our safety. People come with brains that are pre-configured to scan everything you say for threats to their safety. Learning to recognize when you're operating under reptilian influence is a great start. This article introduces some techniques to help you manage the lizard within you along with those around you.
-
Danske Bank’s 360° DevSecOps Evolution at a Glance
This article provides an overview of the ongoing DevSecOps evolution at Danske Bank, positioned within the broader transformation that the firm is performing. The main enablers and motivating factors of the evolution are outlined, with challenges discovered. The high level overview of the DevSecOps operating model, together with anti-patterns discovered and main lessons learned concludes it.
-
Q&A with Eveline Oerhlich on Building an Effective DevOps Culture
The DevOps Institute recently released their latest report entitled "Upskilling 2021: Enterprise DevOps Skills Report". The report found that automation and security remain vital to business success. A focus on building the human skills of DevOps was also identified as companies with the best learning cultures were most likely to succeed.
-
A Reference Architecture for Fine-Grained Access Management on the Cloud
In this article, we will define a new reference architecture for cloud-native companies that are looking for a simplified access management solution for their cloud resources, from SSH hosts, databases, data warehouses, to message pipelines and cloud storage endpoints.
-
Nine Trends That Are Influencing the Adoption of Devops and Devsecops in 2021
While it’s important to recognize the value of both DevOps and DevSecOps, they are not one-size-fits-all, monolithic, permanent paradigms. In this article, we’ll take a look at that ongoing development – isolating and explaining nine key trends that are driving and changing the adoption of DevOps, DevSecOps, and a number of related approaches to development and management.
-
Signs You’re in a Death Spiral (and How to Turn It around before It’s Too Late)
Don’t let feature work blind you. Enterprises are ramping up their software delivery to compete in the digital-first world. But more features and faster time-to-market can lead your business into a death spiral if you neglect technical debt and risk work. Learn how to use value stream metrics to identify whether your business is in danger and how to reverse the trajectory before it’s too late.