InfoQ Homepage Security Content on InfoQ
-
/articles/tls-certificate-transparency/en/smallimage/tls-certificate-transparency-thumbnail-1756385529119.jpg)
Beyond the Padlock: Why Certificate Transparency is Reshaping Internet Trust
Certificate Transparency (CT) creates public, append-only logs of every TLS certificate issued, enabling detection of rogue or mistaken certificates. This article explores how CT has transformed internet PKI by moving from reliance on certificate authority trustworthiness to providing verifiable transparency that major browsers now require.
-
/articles/ransomware-resilient-storage-cyber-defense/en/smallimage/ransomware-resilient-storage-cyber-defense-thumbnail-1755589602893.jpg)
Ransomware-Resilient Storage: the New Frontline Defense in a High-Stakes Cyber Battle
Cybersecurity has evolved, with ransomware now primarily targeting data storage and backups. To combat this, modern defense strategies focus on making storage systems more resilient. Key tactics include using immutable storage that prevents data from being altered or deleted, employing AI-powered detection, and implementing air-gapping to create isolated, tamper-proof recovery points.
-
/articles/zero-downtime-cloud-upgrades/en/smallimage/zero-downtime-cloud-upgrades-thumbnail-1754398638654.jpg)
Zero-Downtime Critical Cloud Infrastructure Upgrades at Scale
Engineers can avoid common pitfalls in large-scale infrastructure upgrades by studying others' experiences. The article provides lessons learned from big firms like eBay and Snowflake, offering solutions for legacy systems, performance validation, and rollback planning. It emphasizes systematic preparation and clear communication to handle challenges and ensure zero-downtime upgrades at scale.
-
/articles/aws-sandbox-as-a-service/en/smallimage/aws-sandbox-as-a-service-thumbnail-1754387123420.jpg)
Sandbox as a Service: Building an Automated AWS Sandbox Framework
This article outlines an automated AWS Sandbox Framework to provide secure, cost-controlled environments for innovation. It leverages AWS services like Control Tower and open-source tools to automate provisioning, enforce security policies, manage resource lifecycles, and optimize costs through automated cleanup and governance.
-
/articles/cloud-prem-architecture-challenges/en/smallimage/cloud-prem-architecture-challenges-thumbnail-1750753890389.jpg)
Engineering Principles for Building a Successful Cloud-Prem Solution
Discover how Cloud-Prem solutions combine cloud efficiency with on-premise control, meeting data sovereignty and compliance demands while optimizing operational costs and enhancing customer security.
-
/articles/apache-kafka-stretch-cluster-failures/en/smallimage/apache-kafka-stretch-cluster-failures-thumbnail-1750152098922.jpg)
Analyzing Apache Kafka Stretch Clusters: WAN Disruptions, Failure Scenarios, and DR Strategies
Proficient in analyzing the dynamics of Apache Kafka Stretch Clusters, I assess WAN disruptions and devise effective Disaster Recovery (DR) strategies. With deep expertise, I ensure high availability and data integrity across multi-region deployments. My insights optimize operational resilience, safeguarding vital services against service level agreement violations.
-
/articles/apiops-iac-reshaped-api-strategy/en/smallimage/apiops-iac-reshaped-api-strategy-thumbnail-1749546152771.jpg)
We Took Developers out of the Portal: How APIOps and IaC Reshaped Our API Strategy
Dynamic API strategist with expertise in transforming legacy management into efficient APIOps frameworks using Infrastructure as Code (IaC). Proven track record in automating API lifecycles, enhancing security, and fostering developer productivity through CI/CD integration. Adept at driving operational excellence and consistency across environments, enabling rapid deployment and innovation.
-
/articles/secure-ai-powered-early-detection-system/en/smallimage/designing-architecture-ai-models-thumbnail-1740475990469.jpg)
Secure AI-Powered Early Detection System for Medical Data Analysis & Diagnosis
In this article, the author discusses the techniques for securing AI applications in healthcare with an use case of early detection system for medical data analysis & diagnosis. The proposed layered architecture includes application components to support secure computation, ai modeling, governance and compliance, and monitoring and auditing.
-
/articles/large-language-models-prompt-injection-stealing/en/smallimage/prompt-injection-llm-logo-small-1737547033103.jpg)
Prompt Injection for Large Language Models
This article will cover two common attack vectors against large language models and tools based on them, prompt injection and prompt stealing. We will additionally introduce three approaches to make your LLM-based systems and tools less vulnerable to this kind of attacks and review their benefits and limitations, including fine-tuning, adversarial detectors, and system prompt hardening.
-
/articles/responsible-ai-fintech/en/smallimage/navigating-responsible-ai-logo-small-1732088592946.jpg)
Navigating Responsible AI in the FinTech Landscape
Explore the dynamic intersection of responsible AI, regulation, and ethics in the FinTech sector. This article highlights key challenges and innovative practices as organizations navigate compliance with evolving guidelines like the EU AI Act. Discover how to balance transparency, efficiency, and risk management for sustainable AI growth in your business.
-
/articles/cell-based-architecture-application-security/en/smallimage/cba-security-small-1729762783227.jpeg)
Securing Cell-Based Architecture in Modern Applications
Securing cell-based architecture is essential to fully capitalize on its benefits while minimizing risks. To achieve this, comprehensive security measures must be put in place. Organizations can start by isolating and containing cells using sandbox environments and strict access control mechanisms like role-based and attribute-based access control.
-
/articles/multi-region-architecture/en/smallimage/optimizing-wellhub-autocomplete-logo-small-1728898753118.jpg)
Optimizing Wellhub Autocomplete Service Latency: a Multi-Region Architecture
Every company wants fast, reliable, and low-latency services. Achieving these goals requires significant investment and effort. In this article, I will share how Wellhub invested in a multi-region architecture to achieve a low-latency autocomplete service.