Cloud Security, DevOps, AppSec – The Week’s Best News – 2017.09.27
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec New MIT Tool Automatically Rewrites Old Code for New Software (Motherboard, Sep 27 2017) But take heart: It still requires human developers. The tool, dubbed CodeCarbonCopy (CCC), works by comparing the execution of both the new software and the “donor” software, […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2017.09.20
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec The Battle for the Cloud Has Not Even Started Yet (Gartner Blog Network, Sep 20 2017) I sat with a client yesterday who asked me a question about cloud. The question was innocuous enough: “If I had a choice, why would […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2017.09.13
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec AWS Earns Department of Defense Impact Level 5 Provisional Authorization (AWS Security Blog, Sep 12 2017) “The Defense Information Systems Agency (DISA) has granted the AWS GovCloud (US) Region an Impact Level 5 (IL5) Department of Defense (DoD) Cloud Computing Security […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2017.09.06
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec The state of DevOps–according to me (Gartner Blog Network, Aug 31 2017) “I recently had an interesting discussion with a client around DevOps. The client felt that for DevOps to happen they need to remove all barriers, security checks, etc., provide […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2017.08.30
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec VMware Cloud on AWS – Now Available (AWS Blog, Aug 30 2017) VMware and Amazon announced the initial availability of VMware Cloud on AWS. This service is initially available in the US West (Oregon) region through VMware and members of the […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2017.08.23
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Launch – Hello Amazon Macie: Automatically Discover, Classify, and Secure Content at Scale (Amazon Web Services, Aug 23 2017) Amazon Macie is a service powered by machine learning that can automatically discover and classify your data stored in Amazon S3…once your […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2017.08.16
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Demystifying container vs VM-based security: Security in plaintext (Google Cloud Platform Blog, Aug 09 2017) Containers can significantly improve development speed, lower costs by improving resource utilization, and improve production consistency; however, their unique security implications in comparison to traditional VM-based […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2017.08.09
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Super X-Ray Vision for Vulnerabilities into Non-Running Containers (The State of Security, Aug 08 2017) New functionality to scan non-running (paused, stopped, created, exited, etc.) Docker containers. This supplements the coverage for running containers, thereby giving a full view into the […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2017.08.02
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Attack Uses Docker Containers To Hide, Persist, Plant Malware (Threatpost, Jul 27 2017) Abuse of the Docker API allows remote code execution on targeted system, which enables hackers to escalate and persists thanks to novel attacks called Host Rebinding Attack and […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2017.07.26
IBM wants you to encrypt everything with its new mainframe (Network World Security, Jul 17 2017) IBM wants businesses to use its new z14 mainframe to encrypt pretty much everything — an approach to security it calls pervasive encryption…. How to handle risks of hypervisor hacking (Network World, Jul 20 2017) Without hypervisors, digitalization, which […]