HackDig : Dig high-quality web security articles for hacker

DevSecOps: The Answer to the Cloud Security Skills Gap

There's a skills and resources gap industrywide, but a DevSecOps approach can go a long way toward closing that gap.Digital transformation is driving change in every corner of the security industry. Organizations are evolving and expanding into the cloud rapidly, but their security teams and legacy data centers are holding them back. A skills and resources g
Publish At:2019-11-15 11:50 | Read:51 | Comments:0 | Tags: Cloud

Securing Google Cloud Run serverless workloads

Google Cloud Run is a serverless compute platform that automatically scales your stateless containers. In this post we are going to showcase how to secure the entire lifecycle of your Cloud Run services. Sysdig provides a secure DevOps workflow for Cloud Run Platforms that embeds security, maximizes availability and validates compliance across the ser
Publish At:2019-11-14 23:50 | Read:20 | Comments:0 | Tags:Uncategorized Google Cloud Sysdig Secure Cloud

Aqua Security Acquires CloudSploit

CloudSploit has been acquired by Aqua Security for an undisclosed sum.Aqua Security, the leading platform provider for securing container-based, serverless, and cloud native applications, announced the acquisition of security auditing and monitoring tool CloudSploit today. The American company said the addition of CloudSploit will enable them to ex
Publish At:2019-11-12 15:30 | Read:207 | Comments:0 | Tags: Cloud

Researchers Find New Approach to Attacking Cloud Infrastructure

Cloud APIs' accessibility over the Internet opens a new window for adversaries to gain highly privileged access to cloud assets. Public cloud infrastructure presents security teams with a new invisible management layer, creating new security challenges that demand better understanding. Many organizations don't properly understand the cloud identity and acces
Publish At:2019-11-11 22:10 | Read:51 | Comments:0 | Tags: Cloud

Cloud Networking and Security Firm Aviatrix Raises $40 Million

Aviatrix, a California-based provider of cloud networking and security services for enterprises, on Monday announced that it raised $40 million in a Series C funding round.The round, which brings the total raised to date by Aviatrix to over $76 million, was led by CRV, with participation from Formation 8, Ignition Partners and Liberty Global Ventures.Aviatri
Publish At:2019-10-28 22:15 | Read:586 | Comments:0 | Tags:Network Security NEWS & INDUSTRY Cloud Security Manageme

Adobe Exposed Creative Cloud Customer Information

Adobe has admitted that some Creative Cloud customer information — 7.5 million records, according to the researchers who stumbled upon the data — was exposed recently due to a misconfiguration.Researcher Bob Diachenko and Comparitech reported last week that they had identified an unprotected Elasticsearch database — the database was accessible without a pass
Publish At:2019-10-28 10:15 | Read:331 | Comments:0 | Tags:NEWS & INDUSTRY Identity & Access Data Protection Cl

US Military Personnel Exposed in Latest Cloud Data Leak

Researchers have discovered another unsecured Elasticsearch database, this time exposing data on thousands of travelers including US military and government employees.The research team at vpnMentor discovered the online database hosted on AWS infrastructure, on September 13. It belonged to Autoclerk, a reservations management system now owned by hotel chain
Publish At:2019-10-22 07:40 | Read:265 | Comments:0 | Tags: Cloud

Trend Micro Tackles Cloud Misconfigurations with Latest Acquisition

Trend Micro has announced the acquisition of Australian start-up Cloud Conformity, in a deal which will see it expand its cloud security portfolio to include mitigations for customer misconfigurations.Following the reported $70m deal, Trend Micro is offering the Cloud Security Posture Management (CSPM) company’s solution immediately to its global custo
Publish At:2019-10-22 07:40 | Read:261 | Comments:0 | Tags: Cloud

Trend Micro Acquires Cloud Security Firm Cloud Conformity

Trend Micro on Monday announced the acquisition of cloud security company Cloud Conformity for $70 million.Founded in Australia, Cloud Conformity specializes in cloud security posture management (CSPM) and it provides cloud security, governance and compliance solutions for organizations using AWS, Microsoft Azure and Google Cloud.By acquiring Cloud Conformit
Publish At:2019-10-21 12:00 | Read:300 | Comments:0 | Tags:NEWS & INDUSTRY Compliance Cloud Security Management &am

Duke APT group's latest tools: cloud services and Linux support

Recent weeks have seen the outing of two new additions to the Duke group's toolset, SeaDuke and CloudDuke. Of these, SeaDuke is a simple trojan made interesting by the fact that it's written in Python. And even more curiously, SeaDuke, with its built-in support for both Windows and Linux, is the first cross-platform malware we have observed from the Duke gro
Publish At:2019-10-18 10:30 | Read:163 | Comments:0 | Tags: Cloud

AWS vs. Azure vs. Cloud+: To specialize, generalize or both?

IntroductionCloud technology is continuing to grow. Amazon Web Services (AWS) and Microsoft Azure are two cloud providers and platforms that are dominating the cloud space, but they are not alone. Other cloud platforms include Google Cloud, IBM Bluemix and Alibaba, and that’s not even all of them.With these multiple options, it may be tough to decide w
Publish At:2019-10-18 10:15 | Read:204 | Comments:0 | Tags:Cloud Computing Cloud

Automating Secure Configuration Management in the Cloud

For many organizations moving to the cloud, Infrastructure as a Service (IaaS) like AWS EC2, Azure Virtual Machines or Google Compute Engine often forms the backbone of their cloud architecture. These services allow you to create instances of pretty much any operating system almost instantly.Unfortunately, moving your IT infrastructure to the cloud doesn’t r
Publish At:2019-10-18 10:10 | Read:187 | Comments:0 | Tags:Cloud tripwire enterprises _Configuration Management

Private Cloud vs Public Cloud Security Challenges

As a system administrator during the early days of the “cloud revolution” I found the “cloud” metaphor an interesting choice to frame the technology stack. Clouds, in my mind, were “woolly” and hard to pin down as opposed to the omnipresent, always-available things that IT marketers were suggesting cloud services would be. But whilst I wasn’t a fan of the me
Publish At:2019-10-18 10:10 | Read:163 | Comments:0 | Tags:Cloud private cloud public cloud security

Revisiting The Concepts of Disaster Recovery and Risk as Organizations Move Their Infrastructure To The Cloud

The calculus for disaster recovery and risk management is changing. Most small businesses within the past decade would often keep many of their critical technology assets locally, perhaps in a server closet, or a centralized data center for multiple offices. They built their own “vault” of applications, databases, email, files, etc., often on a few physical
Publish At:2019-10-18 10:10 | Read:146 | Comments:0 | Tags:Cloud disaster recovery Risk Management

48% of corporate data is now stored on the cloud

The cloud has revolutionized the business world. Thanks to this technology, companies can store an ever increasing amount of data without having to invest in additional hardware. What’s more, thanks to cloud storage, employees can access this data no matter where they are. In fact, for many companies, this constant access to data is their main reason for usi
Publish At:2019-10-17 10:35 | Read:220 | Comments:0 | Tags:Security Cloud

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud