InfoQ Homepage Application Security Content on InfoQ
-
Posted by
Josh Grossman
on
Jan 12, 2024
Sustainable Security Requirements with the ASVS
Josh Grossman provides a brief overview of what the ASVS is, but takes a closer look at balancing trade-offs and prioritizing different security requirements.
on Jan 12, 2024Icon46:14 -
Posted by
Rajiv Kapoor
on
Nov 14, 2021
DevSecOps and Application Security
Rajiv Kapoor, Clint Gibler, André Tehrani, Anastasiia Voitova, and Erik Costlow discuss how to integrate security into DevOps, where their concerns are and how each is addressed.
on Nov 14, 2021Icon45:05 -
Posted by
Laura Bell
on
May 09, 2018
Bigger, Faster and More Secure
Laura Bell talks about how security can look when it stops being about fear and starts being a tool for building systems of the future.
on May 09, 2018Icon35:15 -
Posted by
David Rook
on
Jun 29, 2017
Building Secure Player Experiences at Riot Games
David Rook talks about the Riot Games Application Security program. He focusses on the tech and social aspects of the program and why he feels both are important when it comes to writing secure code.
on Jun 29, 2017Icon54:32 -
Posted by
Josh Schwartz
on
Jun 29, 2017
How to Backdoor Invulnerable Code
Josh Schwartz takes a look at the real tactics, with examples, used to compromise and backdoor seemingly secure products by exploiting the humans and systems that create them.
on Jun 29, 2017Icon45:49 -
Posted by
Kymberlee Price
on
Sep 14, 2016
Security Vulnerabilities in 3rd Party Code: FIX ALL THE THINGS
Kymberlee Price discusses vulnerability data and explores the source and spread of these vulnerabilities through products, along with advice on what can be done to address security vulnerabilities.
on Sep 14, 2016Icon01:04:16 -
Posted by
Phil Nash
on
Jul 12, 2016
Two-Factor Authentication
Phil Nash takes a look at generating one time passwords, implementing two-factor authentication in web applications and the use cases for QR codes.
on Jul 12, 2016Icon36:35 -
Posted by
Jim Webber
on
Mar 29, 2016
Real-Time Fraud Detection with Graphs
Jim Webber talks about several kinds of fraud common in financial services and how each decomposes into a straightforward graph use-case. He explores them using Neo4j and Cypher query language.
on Mar 29, 2016Icon42:23 -
Posted by
Tony Trummer
on
Dec 23, 2015
Android Apps, an Attacker’s Perspective
Tony Trummer focuses on how to apply an adversarial perspective when building Android applications, how to identify attack surfaces and the thought process attackers use.
on Dec 23, 2015Icon35:23 -
Posted by
Michael Coates
on
Dec 18, 2015
Applications Through an Attacker’s Lens
Michael Coates explores how attackers target, analyze and compromise applications and discusses recent high profile compromises and deconstructs them to understand exactly what went wrong.
on Dec 18, 2015Icon50:00 -
Posted by
Shuman Ghosemajumder
on
Dec 04, 2015
The Imitation Game: The New Frontline of Security
S. Ghosemajumder reviews the evolution of AI based security attacks that imitate the actions of real people, and looks at how they are changing the nature of developing online applications securely.
on Dec 04, 2015Icon48:17 -
Posted by
Bill Sempf
on
Oct 28, 2015
Weaving Security into the SDLC
Bill Sempf discusses security in the context of the SDLC, presenting the analysis results from reviewing several code sources, the problems found and the corresponding solutions.
on Oct 28, 2015Icon51:11