A Review of the Best News of the Week on Cloud Security, DevOps, AppSec

Splunk acquires VictorOps in $120 million deal (SC Magazine, Jun 11 2018)
Splunk has acquired the devops incident management firm VictorOps for $120 million in cash and Splunk securities.

Fooling security tools into believing malicious code was signed by Apple (Help Net Security, Jun 12 2018)
The way developers of third-party security tools use the Apple code signing API could be exploited by attackers to make malicious code linger undetected on Macs, a security researcher has discovered.

WannaCry Hero Marcus Hutchins’ New Legal Woes Spell Trouble for White Hat Hackers (Wired, Jun 08 2018)
By expanding the case against Marcus Hutchins, the Department of Justice has signaled a troubling interpretation of cybersecurity law.

Google Cloud announces the Beta of single tenant instances (TechCrunch, Jun 07 2018)
Google announced the Beta of Google Compute Engine Sole-tenant nodes, which have been designed for use cases such as regulatory or compliance where you require full control of the underlying physical machine, and sharing is not desirable.

Combine Agility and Security with a Container-Native Approach (Container Journal, Jun 11 2018)
The privileged container approach delivers much of what you need from a container security solution. It can effectively detect, protect and respond to security issues in the container environment. However, you lose the portability aspect of containers and limit your deployment options. If you ever choose to migrate to a container-as-a-service (CaaS), function-as-a-service (FaaS) or serverless computing platform, the privileged container model will break. You will be forced to re-architect your container security solution.

Detecting script-based attacks on Linux (Microsoft Azure Blog, Jun 06 2018)
This post aims to demonstrate how existing Windows detections often have Linux analogs. A specific example of this is the encoding or obfuscation of command-lines.

DOD Looks to the Cloud for Browser Security (Dark Reading, Jun 06 2018)
The US Department of Defense just published its cloud browser strategy. What’s yours?

How to create custom alerts with Amazon Macie (AWS Security Blog, Jun 07 2018)
Amazon Macie is a security service that makes it easy for you to discover, classify, and protect sensitive data in Amazon Simple Storage Service (Amazon S3). Macie collects AWS CloudTrail events and Amazon S3 metadata such as permissions and content classification.

Continuous Monitoring in the Cloud (Cloud Security Alliance Blog, Jun 11 2018)
As government has moved and will continue to move to the cloud, it is becoming increasingly important to ensure continuous monitoring goals are met in this environment. Specifically, cloud assets can be highly dynamic, lacking persistence, and thus traditional methods for continuous monitoring that work for on-premise solutions don’t always translate to the cloud.

X-ray your SaaS apps to reveal hidden security vulnerabilities (CSO Online, Jun 08 2018)
Best practices for security evaluations that show what is happening “under the hood” of cloud/SaaS applications.

Moving to central network security policy management for hybrid clouds (CSO Online, Jun 06 2018)
With controls built into the infrastructure, the industry is headed toward central network security policy management (and reporting).

Securing microservices and containers: A DevOps how-to guide (Help Net Security, Jun 11 2018)
For organizations looking for end-to-end security for their microservices and containers, there are three core tenets of an effective microservice security solution: Comprehensive, Identity-driven, and Heterogeneous.

Cost of lagging DevOps and microservice enablement? $34 million per year (Help Net Security, Jun 13 2018)
The Ponemon Institute conducted a survey of more than 600 individuals responsible for cloud management at organizations with an average budget of $147 million for managing hybrid cloud operations.

There’s No Such Thing as DevSecOps (DevOps, Jun 07 2018)
The siloed approaches to security hardening that worked in the past are incompatible with the holistic, iterative software development and deployment model of DevOps.

Software bug flipped 14 million Facebook users to ‘public’ (SC Magazine, Jun 07 2018)
Facebook was testing a feature that would help users share content.

Crowdsourced security trends: Payouts to hackers increase (Help Net Security, Jun 07 2018)
75% of all P1 vulnerability payouts were above $1,200, up from $926 last year. More than 91% of all vulnerability submissions were web vulnerabilities.

Microsoft’s Github buy: is it good news for security? (SC Magazine, Jun 06 2018)
Microsoft has announced a £5.6 billion deal to acquire software development platform GitHub, arguably the most visible open source resource online.

Google removes inline installation option for Chrome extensions (Help Net Security, Jun 13 2018)
Google is shutting down an often used vector for delivering malicious Chrome extensions to users by removing the inline installation option.