Topic: security

The Cloud Security Alliance announces new risks, threats and vulnerabilities for migrating to the hybrid cloud

With hybrid clouds now often the starting point for organizations in their cloud journey, management, access control, data use, and service contracts become more difficult with multi-cloud convergence, according to the Cloud Security Alliance in a whitepaper. “Although the hybrid cloud environment seamlessly integrates private and public cloud, bringing onboard new IT capabilities to the … continue reading

ITOps Times Open-Source Project of Week: SPIFFE

SPIFFE stands for the Secure Production Identity Framework For Everyone. The project aims to define a framework and standards for identifying and securing communications between app services.  According to its GitHub page, SPIFFE includes SPIFFE IDs implemented as Uniform Resource Identifiers. This defines how services services identify themselves to one another SPIFFE Verifiable Identity Document … continue reading

Report finds nearly half of respondents delay rolling out applications because of container security concerns

Security continues to be a concern for container strategies. A recent report by the container security company StackRox found that 44% of respondents delayed rolling out applications into production because of security concerns and that security incidents among respondents remain high at 90%.  “Rolling out an application that hasn’t passed a security assessment puts the business … continue reading

The Cloud Security Alliance releases new insights into the top cloud computing threats

In an effort to help secure cloud computing environments, the Cloud Security Alliance (CSA) has released the Top‌ ‌Threats‌ ‌to‌ ‌Cloud‌ ‌Computing:‌ ‌Egregious‌ 11‌ Deep‌ ‌Dive‌ report. The report takes a deep look at the challenges of cloud computing as well as looks into nine recent cybersecurity attacks and breaches.  “These anecdotes will let cybersecurity … continue reading

FireMon announces new agile network security policy management platform

FireMon’s new agile network security policy management platform offers security capabilities to enable cloud and digital transformation initiatives.  “Our customers have told us that traditional approaches to managing network security policy are too cumbersome for their dynamic cloud and hybrid environments,” said Satin H. Mirchandani, the president and CEO of FireMon. “Our agile approach to … continue reading

SentinelOne announces Automated Application Control Engine to secure cloud and containerized workloads

SentinelOne has released a new automated application control engine that is designed to secure cloud and containerized workloads without human intervention. The automated engine eliminates the need to manually maintain allow-lists, which preserves cloud and container workload’s immutable states while also defending against malware, cryptojacking, and zero-day threats. “It is critical to defend cloud and … continue reading

ITOps Times news digest: Oracle Cloud VMware, Red Hat Virtualization 4.4, etcd security audit

Oracle has announced its VMware solution is now available. The Oracle Cloud VMware solution is a cloud-native VMware-based environment that enables users to move VMware workloads to Oracle Cloud Infrastructure.  “Building new digital services. Scaling business-critical apps. Enabling a remote workforce. Applications sit at the core of addressing these challenges, and hybrid cloud opens the … continue reading

Tanium and Google Cloud team up to protect distributed business operations

Endpoint management and security provider Tanium and Google Cloud are expanding their partnership to support distributed business operations. According to the companies, as more employees transition to remote work and organizations become more distributed, IT and security teams are having to defend against an increasing number of cyberattacks while maintaining availability and security.  “According to … continue reading

ITOps Times news digest: Threat Stack for AWS Fargate, Aqua Security now on Red Hat Marketplace, and Aerospike Database 5.1

The company is extending its observability solution to the Amazon Elastic Container Service compute engine. The new capabilities will enable users to monitor AWS Fargate aspects such as processes, network activity, and running code.  “Our ‘Leveraging DevSecOps to Secure Cloud-native Applications’ report shows the top container security challenge is aligning the architectural implementation of a … continue reading

Patch management can be a challenge, but not impossible

Updating systems on a regular basis is one of the best lines of defense against cyberattacks, but many companies are still struggling to effectively do patch management. According to a study conducted by ServiceNow and the Ponemon Institute, of the nearly half of respondents who had a data breach in the past two years, 60% … continue reading

Google to protect cloud services with Private Service Connect

Google wants to make sure organizations are secure in the cloud, and is releasing Private Service Connect alpha to achieve that goal.  According to the company, as organizations start to take advantage of more cloud services, it can be challenging and complex to manage routing topologies, different networks, different organizations and the information being shared … continue reading

Twitter attack highlights the need for security awareness training

Yesterday, Twitter suffered a massive attack in which several high profile Twitter accounts were compromised. The account was carried out using social engineering, Twitter has verified.  Affected accounts, which included Bill Gates, Elon Musk, Barack Obama, Joe Biden, and other high profile figures, began tweeting the address of a bitcoin wallet, along with the message … continue reading

1 2 3 14
© 2020 D2 Emerge LLC.

Get access to this and other exclusive articles for FREE!

There's no charge and it only takes a few seconds.

Sign up now!