Security Content on InfoQ
-
InfoQ Editors' Recommended Talks from 2019
As part of the 2019 end-of-year-summary content, this article collects together a list of recommended presentation recordings from the InfoQ editorial team.
-
Book Review: A Leader's Guide to Cybersecurity
A Leader's Guide to Cybersecurity educates readers about how to prevent a crisis and/or take leadership when one occurs. With a focus on clear communication, the book provides details, examples, and guidance on mapping security against what a business actually does. The book describes ways to align security with the motivation of others who may be security-agnostic against their own goals.
-
Three Major Cybersecurity Pain Points to Address for Improved Threat Defense
Three pain points every company must address in cybersecurity are threat volume and complexity, a growing cybersecurity skills gap, and the need for threat prioritization. This article describes each of these in some detail, and includes recommendations for corporations to deal with them.
-
Q&A on the Book Real-World Bug Hunting
The book Real-World Bug Hunting by Peter Yaworski is a field guide to finding software vulnerabilities. It explains what ethical hacking is, explores common vulnerability types, explains how to find them, and provides suggestions for reporting bugs while getting paid for doing so.
-
Improving Security Practices in the Cloud Age: Q&A With Christopher Gerg
IT leaders say that security is a top priority. Surveys show that it’s easy to say, and hard to do. InfoQ spoke with Christopher Gerg, CISO at Gillware, about security practices in the cloud age.
-
Implementing Policies in Kubernetes
The author explains what Kubernetes policies are and how they can help you manage and secure a Kubernetes cluster. The article also looks at why we need a policy engine to author and manage policies.
-
How to Use Chaos Engineering to Break Things Productively
Chaos can be a preventative for calamity. It's predicated on the idea of failure as the rule rather than the exception, and it led to the development of the first dedicated chaos engineering tools. This article explores chaos engineering, and how to apply it.
-
How Developers Can Learn the Language of Business Stakeholders
This article explores how business stakeholders and developers can improve their collaboration and communication by learning each other's language and dictionaries. It explores areas where there can be the most tension: talking about impediments and blockers, individual and team learning, real options, and risk management.
-
How to Seamlessly Evolve DevOps into DevSecOps
As DevOps evolved, it became obvious that it was about more than just software development and operations management. With each new story of a massive data breach and its catastrophic consequences, cybersecurity swiftly became recognized as a critical part of any IT ecosystem. This realization led to DevSecOps. This article looks at how to embrace a DevSecOps approach.
-
NotPetya Retrospective
As we hit the second anniversary of NotPetya, this retrospective is based on the author’s personal involvement in the post-incident activities. In the immediate aftermath, it seemed like NotPetya could be the incident that would change the whole IT industry, but it wasn’t—pretty much all the lessons learned have been ignored.
-
Q&A on the Book Risk-First Software Development
The book Risk-First Software Development by Rob Moffat views all of the activities on a software project through the lens of managing risk. It introduces a pattern language to classify different risks, provides suggestions for balancing risks, and explores how software methodologies view risks.
-
Sustainable Operations in Complex Systems with Production Excellence
Successful long-term approaches to production ownership and DevOps require cultural change in the form of production excellence. Teams are more sustainable if they have well-defined measurements of reliability, the capability to debug new problems, a culture that fosters spreading knowledge, and a proactive approach to mitigating risk.