Application Security Content on InfoQ
-
Sustainable Security Requirements with the ASVS
Josh Grossman provides a brief overview of what the ASVS is, but takes a closer look at balancing trade-offs and prioritizing different security requirements.
-
DevSecOps and Application Security
Rajiv Kapoor, Clint Gibler, André Tehrani, Anastasiia Voitova, and Erik Costlow discuss how to integrate security into DevOps, where their concerns are and how each is addressed.
-
Bigger, Faster and More Secure
Laura Bell talks about how security can look when it stops being about fear and starts being a tool for building systems of the future.
-
Building Secure Player Experiences at Riot Games
David Rook talks about the Riot Games Application Security program. He focusses on the tech and social aspects of the program and why he feels both are important when it comes to writing secure code.
-
How to Backdoor Invulnerable Code
Josh Schwartz takes a look at the real tactics, with examples, used to compromise and backdoor seemingly secure products by exploiting the humans and systems that create them.
-
Security Vulnerabilities in 3rd Party Code: FIX ALL THE THINGS
Kymberlee Price discusses vulnerability data and explores the source and spread of these vulnerabilities through products, along with advice on what can be done to address security vulnerabilities.
-
Two-Factor Authentication
Phil Nash takes a look at generating one-time passwords, implementing two-factor authentication in web applications and the use cases for QR codes.
-
Real-Time Fraud Detection with Graphs
Jim Webber talks about several kinds of fraud common in financial services and how each decomposes into a straightforward graph use-case. He explores them using Neo4j and Cypher query language.
-
Android Apps, an Attacker’s Perspective
Tony Trummer focuses on how to apply an adversarial perspective when building Android applications, how to identify attack surfaces and the thought process attackers use.
-
Applications Through an Attacker’s Lens
Michael Coates explores how attackers target, analyze and compromise applications, then discusses recent high-profile compromises and deconstructs them to understand exactly what went wrong.
-
The Imitation Game: The New Frontline of Security
S. Ghosemajumder reviews the evolution of AI-based security attacks that imitate the actions of real people, and looks at how they are changing the nature of developing online applications securely.
-
Weaving Security into the SDLC
Bill Sempf discusses security in the context of the SDLC, presenting the analysis results from reviewing several code sources, the problems found and the corresponding solutions.