Security | News, how-tos, features, reviews, and videos

covering his eyes bu004744 100266305 orig
uh oh oops mistake it malfunction blunder ben franklin bby dny59 getty 175531215

data security / padlock / binary code / digital display

What is unified policy as code, and why do you need it?

By decoupling policy from applications, policy as code allows you to change the coding for policy without changing the coding for apps. Translation: reliability, uptime, and efficiency.

security threat / hacker / attack

The cloud attack you didn’t see coming

If stealth hacking hasn’t already come to cloud computing, it will shortly. Protect yourself by knowing your responsibilities and using effective tools.

cloud security ts

The pandemic-driven rush to cloud is compromising security

COVID-19 has been a boon for cloud computing. However, the haste to move to cloud is causing some enterprises to neglect security. Here’s what you need to look out for.

Admission tickets in an digital network / access / admittance / authorization / authentication

Authorization is the next big technical challenge

Oso’s CEO says authorization will be the next layer of software to be abstracted and made less onerous for developers. If you ask developers, it can’t happen soon enough.

crash test dummies

Google’s OSS-Fuzz extends fuzzing to Java apps

Google’s open source fuzz testing project draws on Code Intelligence’s Jazzer to add support for Java and other JVM languages.

Tech Spotlight   >   Cybersecurity [IFW]   >   Hands at a keyboard with binary code on the display.

6 security risks in software development and how to address them

Experts share how software development teams can ‘shift security left’ and improve governance of using open source components, managing code, deploying services, and handling data.

Tech Spotlight   >   Cybersecurity [CSO]   >   Hands cradle an abstract, virtual security matrix.

Cybersecurity in 2021: Stopping the madness

The challenges are greater than ever. But security pros have learned a lot – and with luck, the right strategic defenses can help even the highest-value targets withstand severe attacks.

Tech Spotlight   >   The Future of Work [Overview]   >   A crystal ball for peering into the future.

The future of work: Coming sooner than you think

What will your worklife be like years from now? Today's work-from-home world has given us a glimpse of the future, as these five articles from CIO, Computerworld, CSO, InfoWorld, and Network World illustrate.

IDG edit cubicles wide-angle lens iphone 6S

How we’ll use cloud when we go back to work

We’ve proactively enabled a new remote workforce this past year, but some may return to the office soon. Better start planning.

A home workspace displays a sign marking the new normal.

The new normal needs new cloud security

IT leaders now question the effectiveness of security that was built before remote work spiked the use of cloud computing. Do their defenses hold up under widely distributed use?

gears iot

Using OPA with GitOps to speed cloud-native development

Devops teams are flocking to GitOps strategies to accelerate development time frames and eliminate cloud misconfigurations. They should adopt a similar ‘as-code’ approach to policy.

cubes - blocks - squares - containers - storage - repository

Containers require good architecture

They may seem simple, but containers require a whole new architecture skill set. Here’s what you need to know.

the list smartphone resolutions

My 2021 cloud computing New Year’s resolutions

It’s that time of year to make promises to yourself you’ll never keep. Perhaps these cloud-related improvements will be different.

Blue Hexagon network security

How to bring zero-trust security to microservices

Why we must use a zero-trust security model in microservices and how to implement it using the Kuma universal service mesh.

cloud security ts

Using OPA for multicloud policy and process portability

How Open Policy Agent allows developer teams to write and enforce consistent policy and authorization across multicloud and hybrid cloud environments

security threat / hacker / attack

Anti-adversarial machine learning defenses start to take root

Adversarial attacks are one of the greatest threats to the integrity of the emerging AI-centric economy.

Admission tickets in an digital network / access / admittance / authorization / authentication

GNAP: OAuth the next generation

The Grant Negotiation and Authorization Protocol would replace the browser-oriented OAuth with a more general authorization framework with more security features

steps stairs upward

4 steps to DevSecOps in your software supply chain

How to improve dependency management by ‘shifting security left’ and providing developers with a unified CI/CD pipeline

Load More