InfoQ Homepage Security Content on InfoQ
-
Secure by Design: Building Security into Engineering Workflows and Teams
Stefania Chaplin discusses how to build security into engineering workflows and teams. She shares how to achieve a security-first culture by focusing on people, processes, and technology.
/presentations/security-workflow-team/en/mediumimage/stefania-chaplin-medium-1756299628025.jpeg)
-
Designing for Defense: Architecting APIs with Zero Trust Principles
Renato Losio and security experts discuss designing for defense and architecting APIs with Zero Trust principles, covering challenges, common vulnerabilities, and practical advice for developers.
/presentations/zero-trust-principles/en/mediumimage/infoqlive-540x400-1752487145764.jpg)
-
One Network: Cloud-Agnostic Service and Policy-Oriented Network Architecture
Anna Berenberg reveals Google's shift to One Network, streamlining diverse infrastructures to enhance developer velocity and policy management.
/presentations/policy-network-architecture/en/mediumimage/anna-berenberg-medium-1751622407858.jpg)
-
Security or Convenience - Why Not Both?
Dorota Parad discusses the BLISS framework for security, showing senior developers and leaders how to enhance security while boosting engineering productivity and minimizing operational friction.
/presentations/security-productivity/en/mediumimage/dorota-parad-medium-1751009275471.jpg)
-
Visibility in Cloud Security: How Exactly Are Our Cloud Environments Configured?
Danielle Sudai discusses Cloud Security Posture Management (CSPM), its lifecycle (inventory, scan, notify), and how it helps developers prevent cloud security incidents.
/presentations/visibility-cloud-security/en/mediumimage/danielle-sudai-medium-1744787122665.jpg)
-
Cloud Attack Emulation: Leveraging the Attacker’s Advantage for Effective Defense
Kennedy Torkura discusses cloud attack emulation, the attacker's perspective, and threat-informed defense for stronger cloud security.
/presentations/cloud-attack-emulation/en/mediumimage/kennedy-torkura-medium-1744786727819.jpg)
-
LLM and Generative AI for Sensitive Data - Navigating Security, Responsibility, and Pitfalls in Highly Regulated Industries
Stefania Chaplin and Azhir Mahmood discuss responsible, secure, and explainable AI in regulated industries. Learn MLOps, legislation, and future trends.
/presentations/llm-ml-security/en/mediumimage/azhir-stefania-medium-1741181597784.jpg)
-
Comprehensive Approaches to Software Supply Chain Security
Mykhailo Brodskyi discusses critical software supply chain security risk categories relevant to FinTech and explains effective mitigation strategies. Real case studies & demo included.
/presentations/supply-chain-security/en/mediumimage/michael-brodskiy-medium-1741258778491.jpeg)
-
Dare Mighty Things: What NASA's Endeavors Teach Us about the Power of Calculated RISCs
Khawaja Shams explores the essence of calculated risks, discussing why these risks are worth taking, how to identify and mitigate potential downsides, and the characteristics of good risks.
/presentations/nasa-calculated-risks/en/mediumimage/khawaja-shams-medium-1740573020029.jpeg)
-
A Zero Trust Future for Applications: Practical Implementation and Pitfalls
Ashish Rajan shares a practical guide to working on zero trust, exploring where it fails before it starts and where engineers should see quick wins. Surprisingly, the answer is not really DevSecOps.
/presentations/zero-trust-devsecops/en/mediumimage/ashish-rajan-medium-1738148760241.jpeg)
-
Flawed ML Security: Mitigating Security Vulnerabilities in Data & Machine Learning Infrastructure with MLSecOps
Adrian Gonzalez-Martin introduces the motivations and the importance of security in data & ML infrastructure through a set of practical examples showcasing "Flawed Machine Learning Security".
/presentations/mlsecops/en/mediumimage/adrian-gonzalez-medium-1737539353155.jpeg)
-
Efficient DevSecOps Workflows with a Little Help from AI
Michael Friedrich tells a story about experienced pain points, wasted hours debugging and solving, and learning how a little help from AI makes DevSecOps workflows efficient again.
/presentations/devsecops-ai/en/mediumimage/MichaelFriedrich-medium-1734515745316.jpg)