BT

InfoQ Software Architects' Newsletter

A monthly overview of things you need to know as an architect or aspiring architect.

View an example

We protect your privacy.

Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ

Logo - Back to homepage

News Articles Presentations Podcasts Guides

Topics

Development

Featured in Development

Building Inclusive Mini Golf: a Practical Guide to Accessible XR Development

Colby Morgan discusses practical strategies and technical examples for building accessible and inclusive XR experiences. Learn about their core design principles, including accessibility at the start, invisible features, simplicity, and layered depth, using Walkabout Mini Golf as a case study.

All in development

Architecture & Design

Featured in Architecture & Design

Architectural Experimentation in Practice: Frequently Asked Questions

This third article in a series answers some frequently asked questions about architectural experiments. Architectural experiments test critical decisions to reduce risks and costs, using well-defined hypotheses and results for clarity. They are structured, not unfocused, exploratory learning.

All in architecture-design

AI Infrastructure

Featured in AI, ML & Data Engineering

Rockset - Building a Modern Analytics Database on Top of RocksDB

Igor Canadi discusses the architecture of their real-time search analytics SQL database built on RocksDB. He explains their cloud-native design, custom RocksDB replication, shared hot storage solution, and how they optimized RocksDB for efficient analytical queries. Learn about their approach to scalability, low latency, and high concurrency for application-focused databases.

All in ai-ml-data-eng

Culture & Methods

Featured in Culture & Methods

Building Your Personal Brand and Making an Impact: Insights from Principal Engineer Pablo Fredrikson

In this podcast, Shane Hastie, Lead Editor for Culture & Methods, spoke to Pablo Fredrikson, a principal engineer at Bitso, about the importance of building a personal brand, sharing knowledge, and helping others in the tech industry.

All in culture-methods

DevOps

Featured in DevOps

Checklist for Kubernetes in Production: Best Practices for SREs

This article provides SREs with a checklist for managing Kubernetes in production environments. It identifies common challenges including resource management, workload placement, high availability, health probes, storage, monitoring, and cost optimization. By implementing consistent GitOps automation across these areas, teams can significantly reduce complexity, and prevent downtime.

All in devops

Events

Helpful links

Choose your language

InfoQ Dev Summit Boston

Learn how senior software developers are solving the challenges you face. Register now with early bird tickets.

InfoQ Dev Summit Munich

Learn practical solutions to today's most pressing software challenges. Register now with early bird tickets.

QCon San Francisco

Explore insights, real-world best practices and solutions in software development & leadership. Register now.

QCon AI New York

Learn how leading engineering teams run AI in production-reliably, securely, and at scale. Register now.

InfoQ Homepage Security Content on InfoQ

Presentations

RSS Feed

Newer Older

Development

Sustainable Security Requirements with the ASVS

Josh Grossman provides a brief overview of what the ASVS is, but takes a closer look at balancing trade-offs and prioritizing different security requirements.

Josh Grossman
on Jan 12, 2024

Icon

46:14
Culture & Methods

Implementing OSSF Scorecards across an Organization

Chris Swan provides a walkthrough of the steps involved in securing a first repository, and then what it takes to repeat that process across an organization with multiple repos.

Chris Swan
on Dec 12, 2023

Icon

50:53
Culture & Methods

Securing the Software Supply Chain: How in-toto and TUF Work Together to Combat Supply Chain Attacks

Marina Moore covers the fundamentals of both in-toto and TUF, and discusses how to combine them with a real world case study where Datadog has been using two technologies together.

Marina Moore
on Nov 28, 2023

Icon

35:07
Development

The Many Facets of “Identity”

Radia Perlman describes what aspects of identity and authentication blockchain might address, and compares a “blockchain“ approach with what is deployed today.

Radia Perlman
on Nov 23, 2023

Icon

47:00
Development

Security Checks Simplified: How to Implement Best Practices with Ease

Varun Sharma, CEO of StepSecurity, talks about OpenSSF Scorecard, a tool that assesses how well a code repository follows security best practices.

Varun Sharma
on Nov 17, 2023

Icon

34:05
DevOps

Celebrity Vulnerabilities: Effective Response to Critical Production Threats

Alyssa Miller dives into the lessons learned from three major open source security events, the Equifax breach via Struts, the Log4j vulnerabilities and the Spring4Shell exploit.

Alyssa Miller
on Sep 27, 2023

Icon

43:51
Development

A Big Dashboard of Problems: Creating Preventative Security Strategies

Travis McPeak explores the forefront of simple and effective preventative security strategies.

Travis McPeak
on Sep 12, 2023

Icon

42:47
Culture & Methods

Programming Your Policies: Exploring Open Policy Agent and More

Justin Cormack discusses how to deal with policies, what the business drivers are, how it affects developers, compliance and security departments, and the cultural and communication changes there.

Justin Cormack
on Aug 17, 2023

Icon

45:24
Cloud

Beyond Default Settings: Evaluating the Security of Kubernetes and Cloud Native Environments

The panelists discuss default configurations, authentication, and access control mechanisms in the context of what Kubernetes brings to the table in terms of security.

Michael Chenetz Jacopo Nardiello Kristina Devochko Renato Losio
on Jul 12, 2023

Icon

01:01:15
DevOps

Log4Shell Response Patterns & Learnings from Them

Tapabrata Pal describes three broad categories of enterprises based on their responses to Log4Shell and identifies the key characteristics of each of these patterns.

Tapabrata Pal
on May 05, 2023

Icon

45:22
DevOps

Securing Microservices: Preventing Vulnerability Traversal

Stefania Chaplin is looking at OWASP recommendations and Kubernetes best practices to find out more about how to secure microservices and reduce vulnerability traversal.

Stefania Chaplin
on Jan 20, 2023

Icon

46:31
Architecture & Design

Best Practices for API Quality and Security

The panelists discuss how to improve quality and security in API design and management, what the biggest challenges are and how to address them.

Filip Verloy Pedro Aravena Dave Malik Elizabeth Zagroba Renato Losio
on Dec 21, 2022

Icon

59:03

Newer Presentations

Older Presentations

BT