The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

Honeypods: Applying a Traditional Blue Team Technique to Kubernetes

The use of honeypots in an IT network is a well-known technique to detect bad actors within your network and gain insight into what they are doing. Simulated or intentionally vulnerable applications are exposed in your network and monitored for access, so they act as a canary that notifies the blue team of the intrusion and stalls the attacker’s progress toward actual sensitive applications and data.

ECS Fargate threat modeling

AWS Fargate is a technology that you can use with Amazon ECS to run containers without having to manage servers or clusters of Amazon EC2 instances. With AWS Fargate, you no longer have to provision, configure, or scale clusters of virtual machines to run containers. This removes the need to choose server types, decide when to scale your clusters, or optimize cluster packing. In short, users offload virtual machine management to AWS while focusing on task management.

Detecting Cobalt Strike with memory signatures

At Elastic Security, we approach the challenge of threat detection with various methods. Traditionally, we have focused on machine learning models and behaviors. These two methods are powerful because they can detect never-before-seen malware. Historically, we’ve felt that signatures are too easily evaded, but we also recognize that ease of evasion is only one of many factors to consider.

Enhance API security with Apigee and Cloud Armor

APIs are great tools since they provide developers a simplified way to consume data and functionality that resides in backend systems. However, they are targets for malicious attacks because they contain business-critical information. In this video, we demo how Google Cloud can help you better secure your APIs with Apigee and Cloud Armor. Watch to learn how these tools offer security at multiple levels for your APIs!

Kubernetes Master Class: Declarative Security with Rancher, KubeLinter, and StackRox

As companies adopt containers and Kubernetes to accelerate application development, they’re wrestling with securing this new attack surface. Fortunately, the declarative, immutable nature of Kubernetes environments provides inherent security opportunities, and Kubernetes itself offers a broad set of native controls. However, these protections are not enabled by default, and many organizations are learning both the infrastructure aspects and the security aspects of Kubernetes in parallel.

Running commands securely in containers with Amazon ECS Exec and Sysdig

Today, AWS announced the general availability of Amazon ECS Exec, a powerful feature to allow developers to run commands inside their ECS containers. Amazon Elastic Container Service (ECS) is a fully managed container orchestration service by Amazon Web Services. ECS allows you to organize and operate container resources on the AWS cloud, and allows you to mix Amazon EC2 and AWS Fargate workloads for high scalability.

Enabling Secure Access for the Federal Government - Meeting Comply to Connect Mandates

Government IT organizations must demonstrate and maintain compliance with a large and growing number of regulations and standards around network access control (NAC). Ensuring that all devices connected to their environment are not vulnerable is a key requirement. Comply to connect (C2C) simplifies this by enforcing that patches and hardened configurations are applied to devices before they connect and are updated continually.