About an hour ago we launched the new developerWorks security site. I’m excited to have this corner of developerWorks to pull together all of the existing security articles on dW in one place. But more importantly we’re looking forward to producing a steady stream of how-to articles and videos on producing secure code and securing your IT operations at the new developerWorks security site.
The developerWorks security site has two key parts to its “Practices” area. The first section is about software engineering practices related to security. The second part is devoted to helping secure IT operations. Obviously this is a huge area all by itself, so we’ve decided to break it down into the following practice areas:
- Identity and Access Management: The practices associated with helping to verify people’s identity and helping to give access to the right resources for the right purposes at the right time.
- Application Security: The practices used throughout the life cycle of an application to help prevent, detect, and eliminate vulnerabilities introduced in design, development, deployment, or maintenance of an application.
- Data Protection: The practices used to help protect information from unauthorized use, disclosure, modification, or destruction using cryptography, redaction, and obfuscation.
- Endpoint Security: The practices used to help enable each device in an IT environment to protect itself from malicious activity either from external sources or from within the device. We’ll be covering everything from mainframe host systems to smartphones as IT endpoints.
- Network Security: The practices used to help prevent and monitor unauthorized access to a network and to help prevent disruption to access of network resources. In this section we’ll be covering real networks as well as virtualized environments and cloud computing.
Join the developerWorks security site
As you can see in the screen shot of the developerWorks security site, we’ve also got a security community page that pulls together all of the current active security communities on the developerWorks. We’ve got forums, blogs, libraries, and wikis with active communities on a variety of security topics. You can get involved by visiting the developerWorks sign up page to create an account. Then visit developerWorks security site community page or the developerWorks community home page and join the communities you’re interested in.
So poke around the site some and let me know what you think and if you’d lik eto write for developerWorks security site, visit the submit content page.
updated 8/17 to remove any hint that IBM can ensure security.