InfoQ Homepage Security Content on InfoQ
-
/articles/ai-cloud-security/en/smallimage/AI-no-silver-bullet-for-cloud-security-small-1611928293687.jpg)
AI No Silver Bullet for Cloud Security, But Here’s How It Can Help
In this article, the author looks at the real role of artificial intelligence in cloud security – the hype, the reality, and how we can resolve the gap between them. He encourages the reader to focus on making cloud security platforms that allow humans to provide truly intelligent threat responses, rather than relying on the machines to do it for us.
-
/articles/security-agile-web-development/en/smallimage/logo-1610616163064.jpg)
How Teams Can Overcome the Security Challenges of Agile Web App Development
Is the rapid pace of continuous rollouts making it too easy for your organization to cut corners when it comes to ensuring product source code is secure? You may need to reorient your team culture to adopt agile-friendly security processes. True collaboration between security and dev teams is the key to avoiding product vulnerabilities without compromising on your sprint cadence.
-
/articles/ale-software-architects/en/smallimage/Y9BOHmSU-s-1608133859357.jpeg)
Application Level Encryption for Software Architects
Challenges of building application-level encryption for software architects.
-
/articles/book-review-cyber-securities/en/smallimage/cybersecurity-logo-small-1607015545941.jpg)
Q&A on the Book Cybersecurity Threats, Malware Trends and Strategies
The book Cybersecurity Threats, Malware Trends and Strategies by Tim Rains provides an overview of the threat landscape over a twenty year period. It provides insights and solutions that can be used to develop an effective cybersecurity strategy and improve vulnerability management.
-
/articles/transformation-by-imagining-it-had-failed/en/smallimage/KICK-OFF-S-1606304485976.jpg)
Kick-off Your Transformation by Imagining It Had Failed
Large scale change initiatives have a worryingly high failure rate, the chief reason for which is that serious risks are not identified early. One way to create the safety needed for everyone to speak openly about the risks they see is by running a pre-mortem. In a pre-mortem, we assume that the transformation had already failed and walk backward from there to investigate what led to the failure.
-
/articles/identity-management-cloud-security/en/smallimage/cloud-s-1597621295998.jpeg)
Identity Mismanagement: Why the #1 Cloud Security Problem Is about to Get Worse
In this article, we'll look at why IAM is becoming such a huge challenge, explain why identity is the new currency, and then reveal some principles that can help you meet this challenge.
-
/articles/book-review-cyber-warfare/en/smallimage/cyber-warfare-cunningham-small-1594037762917.jpg)
Q&A on the Book Cyber Warfare
The book Cyber Warfare by Dr. Chase Cunningham explores how organizations can defend themselves against cyber attacks. It provides examples of actual attacks together with defense techniques, tools, and strategies for cybersecurity.
-
/articles/devs-working-in-cloud/en/smallimage/devs-working-in-cloud-s-1592488653539.jpg)
Five Reasons to Start Working in the Cloud
Whether self-hosted or managed, this article is going to cover five reasons why a cloud IDE may be precisely what you or your company needs to boost productivity to the next level.
-
/articles/encryption-defense-native-browser-apps/en/smallimage/security-browser-1589240480229.jpg)
How to Use Encryption for Defense in Depth in Native and Browser Apps
Isaac Potoczny-Jones discusses the pros and cons of application-layer encryption. He covers the attack surface of application-layer encryption in the browser, how it is very different from native clients, and how WebCrypto helps.
-
/articles/secure-edge-systems/en/smallimage/secure-edge-systems-s-1586969874758.jpg)
Deploying Edge Cloud Solutions without Sacrificing Security
Security challenges exist with edge cloud solutions. Some are technical, and some relate to the way in which these services are used. This article looks at the why, what, and how of edge security.
-
/articles/data-driven-privacy-architecture/en/smallimage/Privacy-Architecture-for-Data-Driven-Innovation-logo-1580376548756.jpg)
Privacy Architecture for Data-Driven Innovation
This article lays out how you build an internal data governance architecture early in the ingestion phase, which enables you to allocate risk to data and identify such data in your systems. You can then protect the data accordingly. The second half of this article lays out various techniques to share data in a privacy-conscious manner.
-
/articles/detect-prevent-account-fraud/en/smallimage/What-Is-Account-Creation-Fraud-Complete-Guide-to-Detection-and-Prevention-l-1576744432390.jpg)
What Is Account Creation Fraud? Complete Guide to Detection and Prevention
In this article, we'll take a look at the re-emergence of account creation fraud, and how this type of attack works. Then we'll turn our attention to the impact that this is already having on the way that companies secure their identity management systems, the effects of security measures like virtual private networks (VPN) and password managers, along with what the future will bring.