Operations | Monitoring | ITSM | DevOps | Cloud

CloudSploit

Announcing CloudSploit for Azure

Today, CloudSploit is excited to share that our cloud security auditing solution is now publicly available for Microsoft Azure IaaS accounts. This release includes all the hallmarks of CloudSploit’s existing service for Amazon Web Services: an open source core scanning engine, PCI and HIPAA compliance program mappings, detailed security reports including recommended remediation information, links to official Azure documentation, and full support for all 42 Azure regions.

A Technical Analysis of the Capital One Hack

The recent disclosure of yet another cloud security misconfiguration leading to the loss of sensitive personal information made the headlines this past week. This particular incident came with a bit more information from the indictment of the accused party, allowing us to piece together the revealed data and take an educated guess as to what may have transpired leading up to the loss of over 100 million credit card applications and 100 thousand social security numbers.

The Need for Security-Specific Applications

When we talk about cloud providers, we often forget that not all data is the same — even in the same application, while we might think of this data as from a “financial application” or a “computation process”, the reality is that each data set has subsets upon subsets, and thus require specific applications to manage them.

All the Security and Compliance Features Announced at AWS Re:Invent 2018

Yet another Re:Invent has concluded, leaving behind a trail of announcements, new features, and vendor swag (how many T-shirts can we possibly own?). Security was a hot topic at this year’s conference; so much so that it was mentioned in-depth within the first 10 minutes of Andy Jassy’s keynote and numerous times afterwards, as well as during Werner Vogel’s keynote the following day.

CloudSploit Compliance Scanning Scans AWS Infrastructure for Compliance with Privacy Standards

One of the most common business requirements data handlers face is the numerous data privacy standards present as industry standards. Each industry has their own variation, each with their own specific requirements — but regardless of the standard or the applied dataset, compliance is extremely important.