Appknox Webinar: Effective Cloud Security Episode - 1
Find out what it takes to have the best in class Cloud Security backing the open source tools that drive Business Growth.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
March 2020
Featured Post
Evaluating FedRAMP Compliance For Cloud Services Providers
The Federal Risk and Authorization Management Program (FedRAMP) comprises a set of standardized guidelines for monitoring, authorizing, and undertaking security assessments on cloud service providers (CSPs). The objective of the guidelines is to ensure that providers of cloud services meet the necessary cloud security standards. FedRAMP requires all CSPs to get accessed by third-party organizations to ensure that they meet cloud security guidelines that apply to them.
The Future is Hybrid: Practicing Security in the Hybrid Cloud
By now, many organizations have adopted the cloud in some way. We saw organizations moving whole servers over to the cloud at the beginning, but now we see small parts of a system being moved to the cloud and new cloud native offerings. We’ll use the analogies of Lincoln Logs and Legos to describe these deployment models.
What COVID-19 teaches us about Micro-segmentation and Run-time Cloud Workload Protection
March 2020, the Coronavirus is pretty much everywhere. As I am writing these lines, the number of cases worldwide is 341,334 and 192 different countries have experienced infections.The world is fighting this epidemic and travel limitations are widely used in order to control the spread of the disease. While some say these restrictions are critical, others claim it to be ineffective and redundant. I am not an epidemiologist and will leave that analysis to the experts.
Amazon VPC Traffic Mirroring
The first means to collect security-relevant information at Cloud SIEM Enterprise (CSE) was our Network Sensor. It was built to analyze network traffic and provide visibility beyond traditional SIEM's down to the network-level. Beyond organizing packets into flows, the sensor supports more advanced features such as decoding of common protocols, file carving, SSL certificate validation, OS fingerprinting, clustered deployment and more.
How Teleport Delivers Security Best Practices for Privileged Access Management of Cloud-Native Infrastructure
While SSH has always been a popular attack vector, the increased adoption of elastic, cloud infrastructure and dynamic, micro-service architecture using containerized application services (aka, "cloud-native" applications), has resulted in the additional complexity of having application services that can migrate across dynamic server infrastructure. This makes managing access to applications and their infrastructure through SSH more complicated and more prone to security threats.
Practical Cloud Security
With their rapidly changing architecture and API-driven automation, cloud platforms come with unique security challenges and opportunities. This hands-on book guides you through security best practices for multivendor cloud environments, whether your company plans to move legacy on-premises projects to the cloud or build a new infrastructure from the ground up.
The US National Security Agency's best practices for cloud security.
To address the confusion surrounding cloud technology, the US National Security Agency (NSA) has published a guide explaining cloud technology and its vulnerabilities. We've made things easier by preparing a guide that gives you the best practices to fix these vulnerabilities, and keep your cloud environment secure.
Teleport vs AWS Session Manager
In this paper, we will provide a brief description of what SSM Session Manager is and how it compares to Gravitational's Teleport privileged access management solution. We'll compare the significant design and feature differences and the operational overhead of the solutions. Because Session Manager is limited to AWS, we'll limit the scope of the discussion to that cloud provider. Finally, we have provided a feature matrix of the two solutions.