Security

Security | News, how-tos, features, reviews, and videos

Tech Spotlight   >   Cybersecurity [IFW]   >   Hands at a keyboard with binary code on the display.

6 security risks in software development and how to address them

Experts share how software development teams can ‘shift security left’ and improve governance of using open source components, managing code, deploying services, and handling data.

Tech Spotlight   >   Cybersecurity [CSO]   >   Hands cradle an abstract, virtual security matrix.

Cybersecurity in 2021: Stopping the madness

The challenges are greater than ever. But security pros have learned a lot – and with luck, the right strategic defenses can help even the highest-value targets withstand severe attacks.

Tech Spotlight   >   The Future of Work [Overview]   >   A crystal ball for peering into the future.

The future of work: Coming sooner than you think

What will your worklife be like years from now? Today's work-from-home world has given us a glimpse of the future, as these five articles from CIO, Computerworld, CSO, InfoWorld, and Network World illustrate.

IDG edit cubicles wide-angle lens iphone 6S

How we’ll use cloud when we go back to work

We’ve proactively enabled a new remote workforce this past year, but some may return to the office soon. Better start planning.

A home workspace displays a sign marking the new normal.

The new normal needs new cloud security

IT leaders now question the effectiveness of security that was built before remote work spiked the use of cloud computing. Do their defenses hold up under widely distributed use?

gears iot

Using OPA with GitOps to speed cloud-native development

Devops teams are flocking to GitOps strategies to accelerate development time frames and eliminate cloud misconfigurations. They should adopt a similar ‘as-code’ approach to policy.

cubes - blocks - squares - containers - storage - repository

Containers require good architecture

They may seem simple, but containers require a whole new architecture skill set. Here’s what you need to know.

the list smartphone resolutions

My 2021 cloud computing New Year’s resolutions

It’s that time of year to make promises to yourself you’ll never keep. Perhaps these cloud-related improvements will be different.

Blue Hexagon network security

How to bring zero-trust security to microservices

Why we must use a zero-trust security model in microservices and how to implement it using the Kuma universal service mesh.

cloud security ts

Using OPA for multicloud policy and process portability

How Open Policy Agent allows developer teams to write and enforce consistent policy and authorization across multicloud and hybrid cloud environments

security threat / hacker / attack

Anti-adversarial machine learning defenses start to take root

Adversarial attacks are one of the greatest threats to the integrity of the emerging AI-centric economy.

Admission tickets in an digital network / access / admittance / authorization / authentication

GNAP: OAuth the next generation

The Grant Negotiation and Authorization Protocol would replace the browser-oriented OAuth with a more general authorization framework with more security features

steps stairs upward

4 steps to DevSecOps in your software supply chain

How to improve dependency management by ‘shifting security left’ and providing developers with a unified CI/CD pipeline

cso security hack control center breach gettyimages 808157576 by gorodenkoff 2400x1600px

What will cloud security look like in 3 years?

Cloud security has been better than on-premises security for several years now. Increased automation and interoperability will cement its position as a best practice.

Eyeglasses rest on a binary field / code review / threat assessment / check vulnerabilities

IBM adds code risk analyzer to cloud-based CI/CD

IBM Cloud Continuous Delivery’s Code Risk Analyzer scans Python, Node.js, and Java source code in Git repositories for security and legal risks

Blue Hexagon network security

Using OPA for cloud-native app authorization

How companies like Netflix, Pinterest, Yelp, Chef, and Atlassian use OPA for ‘who-and what-can-do-what’ application policy

A woman is about to step on a banana peel on a binary floor. / risks / mistakes / vulnerabilities

Why you’re doing cloudops wrong

Now that operational best practices for cloud computing are well known, why do mistakes keep piling up?

A magnifying lens examines top secret information amid binary code.

3 cloud architecture secrets your cloud provider won’t tell you

You may think you know everything about the proper configuration of a cloud computing solution, but cloud providers are keeping a few things to themselves.

Digital bugs amid binary code. [security threats / malware / breach / hack / attack]

GitHub adds code scanning for security bugs

GitHub users can draw on ready-made and custom queries to discover security vulnerabilities in their codebases.

cloud security ts

2 egregious cloud security threats the CSA missed

The latest Cloud Security Alliance report highlights the ‘Egregious 11’ cloud security threats. Here are a couple more to consider

Load More