Security
Security | News, how-tos, features, reviews, and videos
What is unified policy as code, and why do you need it?
By decoupling policy from applications, policy as code allows you to change the coding for policy without changing the coding for apps. Translation: reliability, uptime, and efficiency.
The cloud attack you didn’t see coming
If stealth hacking hasn’t already come to cloud computing, it will shortly. Protect yourself by knowing your responsibilities and using effective tools.
The pandemic-driven rush to cloud is compromising security
COVID-19 has been a boon for cloud computing. However, the haste to move to cloud is causing some enterprises to neglect security. Here’s what you need to look out for.
Authorization is the next big technical challenge
Oso’s CEO says authorization will be the next layer of software to be abstracted and made less onerous for developers. If you ask developers, it can’t happen soon enough.
Google’s OSS-Fuzz extends fuzzing to Java apps
Google’s open source fuzz testing project draws on Code Intelligence’s Jazzer to add support for Java and other JVM languages.
![Tech Spotlight > Cybersecurity [IFW] > Hands at a keyboard with binary code on the display.](https://images.idgesg.net/images/article/2021/03/spot_cybersecurity_05_ifw_binary_code_on_desktop_display_by_m-a-u_gettyimages-857874124-100879642-small.3x2.jpg)
6 security risks in software development and how to address them
Experts share how software development teams can ‘shift security left’ and improve governance of using open source components, managing code, deploying services, and handling data.
![Tech Spotlight > Cybersecurity [CSO] > Hands cradle an abstract, virtual security matrix.](https://images.idgesg.net/images/article/2021/03/spot_cybersecurity_01_cso_overview_hands_cradle_virtual_security_matrix_by_alexsl_gettyimages-1140974750-100879632-small.3x2.jpg)
Cybersecurity in 2021: Stopping the madness
The challenges are greater than ever. But security pros have learned a lot – and with luck, the right strategic defenses can help even the highest-value targets withstand severe attacks.
![Tech Spotlight > The Future of Work [Overview] > A crystal ball for peering into the future.](https://images.idgesg.net/images/article/2021/02/spot_future_of_work_cio_overview_3x2_2400x1600_article_crystal_ball_by_greg_tockner_cc0_via_unsplash-100876230-small.3x2.jpg)
The future of work: Coming sooner than you think
What will your worklife be like years from now? Today's work-from-home world has given us a glimpse of the future, as these five articles from CIO, Computerworld, CSO, InfoWorld, and Network World illustrate.
How we’ll use cloud when we go back to work
We’ve proactively enabled a new remote workforce this past year, but some may return to the office soon. Better start planning.
The new normal needs new cloud security
IT leaders now question the effectiveness of security that was built before remote work spiked the use of cloud computing. Do their defenses hold up under widely distributed use?
Using OPA with GitOps to speed cloud-native development
Devops teams are flocking to GitOps strategies to accelerate development time frames and eliminate cloud misconfigurations. They should adopt a similar ‘as-code’ approach to policy.
Containers require good architecture
They may seem simple, but containers require a whole new architecture skill set. Here’s what you need to know.
My 2021 cloud computing New Year’s resolutions
It’s that time of year to make promises to yourself you’ll never keep. Perhaps these cloud-related improvements will be different.
How to bring zero-trust security to microservices
Why we must use a zero-trust security model in microservices and how to implement it using the Kuma universal service mesh.
Using OPA for multicloud policy and process portability
How Open Policy Agent allows developer teams to write and enforce consistent policy and authorization across multicloud and hybrid cloud environments
Anti-adversarial machine learning defenses start to take root
Adversarial attacks are one of the greatest threats to the integrity of the emerging AI-centric economy.
GNAP: OAuth the next generation
The Grant Negotiation and Authorization Protocol would replace the browser-oriented OAuth with a more general authorization framework with more security features
4 steps to DevSecOps in your software supply chain
How to improve dependency management by ‘shifting security left’ and providing developers with a unified CI/CD pipeline
-
White Paper
-
White Paper
-
Video/Webcast
Sponsored -
eBook
Sponsored -
Analyst Report
Sponsored
![Tech Spotlight > The Future of Work [Overview] > A crystal ball for peering into the future.](https://images.idgesg.net/images/article/2021/02/spot_future_of_work_cio_overview_3x2_2400x1600_article_crystal_ball_by_greg_tockner_cc0_via_unsplash-100876230-medium.3x2.jpg)
![Tech Spotlight > Cybersecurity [CSO] > Hands cradle an abstract, virtual security matrix.](https://images.idgesg.net/images/article/2021/03/spot_cybersecurity_01_cso_overview_hands_cradle_virtual_security_matrix_by_alexsl_gettyimages-1140974750-100879632-medium.3x2.jpg)
