BT

InfoQ Software Architects' Newsletter

A monthly overview of things you need to know as an architect or aspiring architect.

View an example

We protect your privacy.

Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ

Logo - Back to homepage

News Articles Presentations Podcasts Guides

Topics

Development

Featured in Development

How to Compute Without Looking: A Sneak Peek into Secure Multi-Party Computation

This article shows how you can compute a function across multiple parties that do not trust each other without forcing them to share their individual inputs. This technique can be used to split secrets among parties, perform logical operations, or count votes in a way that ensures data privacy is preserved.

All in development

Architecture & Design

Featured in Architecture & Design

OpenSearch Cluster Topologies for Cost Saving Autoscaling

Amitai Stern discusses cost-saving autoscaling topologies for OpenSearch. He explains the inherent challenges in autoscaling unstructured data systems like OpenSearch and Elasticsearch, using analogies to illustrate the complexities beyond simply adding nodes. He shares architectural patterns (burst indexes, burst clusters) to optimize resource utilization and handle fluctuating loads effectively.

All in architecture-design

AI Infrastructure

Featured in AI, ML & Data Engineering

Beyond Chatbots: Architecting Domain-Specific Generative AI for Operational Decision-Making

This article explores the use of domain-specific Generative AI, models that understand operational constraints, real-world dynamics, and business rules to generate executable strategies, not just text descriptions. These models require significantly smaller datasets and fewer parameters, making them cost-effective while enabling AI-driven core business decision intelligence at scale.

All in ai-ml-data-eng

Culture & Methods

Featured in Culture & Methods

Bringing a Product Mindset to an Infrastructure Platform Team

Stéphane Di Cesare discusses DKB's experience introducing a product mindset within their platform team, explaining their definition of a platform team, the rationale behind the shift, and their journey including challenges, goals, and key learnings around user value, platform definition, maturity models, and effective communication strategies for senior software developers and engineering leaders.

All in culture-methods

DevOps

Featured in DevOps

Checklist for Kubernetes in Production: Best Practices for SREs

This article provides SREs with a checklist for managing Kubernetes in production environments. It identifies common challenges including resource management, workload placement, high availability, health probes, storage, monitoring, and cost optimization. By implementing consistent GitOps automation across these areas, teams can significantly reduce complexity, and prevent downtime.

All in devops

Events

Helpful links

Choose your language

Discover emerging trends, insights, and real-world best practices in software development & tech leadership. Join now.

InfoQ Dev Summit Boston

Learn how senior software developers are solving the challenges you face. Register now with early bird tickets.

InfoQ Dev Summit Munich

Learn practical solutions to today's most pressing software challenges. Register now with early bird tickets.

QCon San Francisco

Explore insights, real-world best practices and solutions in software development & leadership. Register now.

InfoQ Homepage Security Content on InfoQ

Presentations

RSS Feed

Newer Older

Development

Sustainable Security Requirements with the ASVS

Josh Grossman provides a brief overview of what the ASVS is, but takes a closer look at balancing trade-offs and prioritizing different security requirements.

Josh Grossman
on Jan 12, 2024

Icon

46:14
Culture & Methods

Implementing OSSF Scorecards across an Organization

Chris Swan provides a walkthrough of the steps involved in securing a first repository, and then what it takes to repeat that process across an organization with multiple repos.

Chris Swan
on Dec 12, 2023

Icon

50:53
Culture & Methods

Securing the Software Supply Chain: How in-toto and TUF Work Together to Combat Supply Chain Attacks

Marina Moore covers the fundamentals of both in-toto and TUF, and discusses how to combine them with a real world case study where Datadog has been using two technologies together.

Marina Moore
on Nov 28, 2023

Icon

35:07
Development

The Many Facets of “Identity”

Radia Perlman describes what aspects of identity and authentication blockchain might address, and compares a “blockchain“ approach with what is deployed today.

Radia Perlman
on Nov 23, 2023

Icon

47:00
Development

Security Checks Simplified: How to Implement Best Practices with Ease

Varun Sharma, CEO of StepSecurity, talks about OpenSSF Scorecard, a tool that assesses how well a code repository follows security best practices.

Varun Sharma
on Nov 17, 2023

Icon

34:05
DevOps

Celebrity Vulnerabilities: Effective Response to Critical Production Threats

Alyssa Miller dives into the lessons learned from three major open source security events, the Equifax breach via Struts, the Log4j vulnerabilities and the Spring4Shell exploit.

Alyssa Miller
on Sep 27, 2023

Icon

43:51
Development

A Big Dashboard of Problems: Creating Preventative Security Strategies

Travis McPeak explores the forefront of simple and effective preventative security strategies.

Travis McPeak
on Sep 12, 2023

Icon

42:47
Culture & Methods

Programming Your Policies: Exploring Open Policy Agent and More

Justin Cormack discusses how to deal with policies, what the business drivers are, how it affects developers, compliance and security departments, and the cultural and communication changes there.

Justin Cormack
on Aug 17, 2023

Icon

45:24
Cloud

Beyond Default Settings: Evaluating the Security of Kubernetes and Cloud Native Environments

The panelists discuss default configurations, authentication, and access control mechanisms in the context of what Kubernetes brings to the table in terms of security.

Michael Chenetz Jacopo Nardiello Kristina Devochko Renato Losio
on Jul 12, 2023

Icon

01:01:15
DevOps

Log4Shell Response Patterns & Learnings from Them

Tapabrata Pal describes three broad categories of enterprises based on their responses to Log4Shell and identifies the key characteristics of each of these patterns.

Tapabrata Pal
on May 05, 2023

Icon

45:22
DevOps

Securing Microservices: Preventing Vulnerability Traversal

Stefania Chaplin is looking at OWASP recommendations and Kubernetes best practices to find out more about how to secure microservices and reduce vulnerability traversal.

Stefania Chaplin
on Jan 20, 2023

Icon

46:31
Architecture & Design

Best Practices for API Quality and Security

The panelists discuss how to improve quality and security in API design and management, what the biggest challenges are and how to address them.

Filip Verloy Pedro Aravena Dave Malik Elizabeth Zagroba Renato Losio
on Dec 21, 2022

Icon

59:03

Newer Presentations

Older Presentations

BT