InfoQ Homepage Application Security Content on InfoQ
-
/articles/identity-management-cloud-security/en/smallimage/cloud-s-1597621295998.jpeg)
Identity Mismanagement: Why the #1 Cloud Security Problem Is about to Get Worse
In this article, we'll look at why IAM is becoming such a huge challenge, explain why identity is the new currency, and then reveal some principles that can help you meet this challenge.
-
/articles/devs-working-in-cloud/en/smallimage/devs-working-in-cloud-s-1592488653539.jpg)
Five Reasons to Start Working in the Cloud
Whether self-hosted or managed, this article is going to cover five reasons why a cloud IDE may be precisely what you or your company needs to boost productivity to the next level.
-
/articles/detect-prevent-account-fraud/en/smallimage/What-Is-Account-Creation-Fraud-Complete-Guide-to-Detection-and-Prevention-l-1576744432390.jpg)
What Is Account Creation Fraud? Complete Guide to Detection and Prevention
In this article, we'll take a look at the re-emergence of account creation fraud, and how this type of attack works. Then we'll turn our attention to the impact that this is already having on the way that companies secure their identity management systems, the effects of security measures like virtual private networks (VPN) and password managers, along with what the future will bring.
-
/articles/leaders-guide-cybersecurity/en/smallimage/a-leaders-guide-to-cybersecurity-logo-small-1573485864187.jpg)
Book Review: A Leader's Guide to Cybersecurity
A Leader's Guide to Cybersecurity educates readers about how to prevent a crisis and/or take leadership when one occurs. With a focus on clear communication, the book provides details, examples, and guidance of mapping security against what a business actually does. The book describes ways to align security with the motivation of others who may be security-agnostic against their own goals.
-
/articles/cloud-security-practices-gerg/en/smallimage/Improving-Security-Practices-Cloud-Age-QA-Christopher-Gerg-logo-1569415957274.jpg)
Improving Security Practices in the Cloud Age: Q&A With Christopher Gerg
IT leaders say that security is a top priority. Surveys show that it’s easy to say, and hard to do. InfoQ spoke with Christopher Gerg, CISO at Gillware, about security practices in the cloud age.
-
/articles/notpetya-retrospective/en/smallimage/icon-1560945161288.jpg)
NotPetya Retrospective
As we hit the second anniversary of NotPetya, this retrospective is based on the author’s personal involvement in the post-incident activities. In the immediate aftermath, it seemed like NotPetya could be the incident that would change the whole IT industry, but it wasn’t—pretty much all the lessons learned have been ignored.
-
/articles/improving-cloud-security/en/smallimage/improving-cloud-security-s-1553193784100.jpeg)
Seven Steps for Improving Cloud Security with Business Integration
For business owners and information technology professionals, cloud computing has represented a significant advancement in terms of efficiency and supportability. But like with any major shift in the IT industry, the cloud brings a host of new security risks. Let’s take a look at the most common risks associated with integrating cloud-based business systems and how to manage them appropriately.
-
/articles/istio-security-mtls-jwt/en/smallimage/istio-security-mtls-jwt-s-1534205189556.jpeg)
Increasing Security with a Service Mesh: Christian Posta Explores the Capabilities of Istio
Istio attempts to solve some particularly difficult challenges when running applications in a cloud platform: application networking, reliability, and observability and (the focus of this article) security. With Istio, communication between services in the mesh is secure and encrypted by default. Istio can also help with "origin" or "end-user" JWT identity token verification.
-
/articles/security-ethics/en/smallimage/security-ethics-logo-1534010626256.jpeg)
The Ethics of Security
Like security, tech ethics is about trying to prevent our systems from hurting users or anyone else.
-
/articles/security-cloud-cheslock/en/smallimage/LOGO-b.jpeg)
A Security Approach for a Cloudy World: An Interview with Pete Cheslock
Does your approach to application and data center security change when adopting cloud services? To learn more about this topic, InfoQ reached out to Pete Cheslock, head of operations and support teams at Threat Stack.
-
/articles/containers-hype-curve/en/smallimage/series-logo.jpg)
Article Series: Containers in the Real World - Stepping Off the Hype Curve
This article series explains how containers are actually being used within the enterprise. It dives into the core technology behind containers and how this is currently being used by developers, examines core challenges with deploying containers in the enterprise and the future of containerisation, and discusses the role unikernels are currently playing within leading-edge organisations.
-
/articles/adaptive-security-maths/en/smallimage/logo-mathematics.jpg)
The Mathematics of Adaptive Security
Enterprise security teams are charged with maintaining the “perfect” set of security policies. In their pursuit of the perfect security policy, they are often the department of slow (because the pursuit of perfection takes time). At the same time, “to err is human…”