January 2016

January 28, 2016 28 Jan'16
Industry group says FedRAMP certification process is 'broken'

An advocacy group representing cloud providers such as Hewlett Packard Enterprise and IBM has criticized FedRAMP and called on the government to fix the cloud certification program. Continue Reading
January 26, 2016 26 Jan'16
How Azure Security Center boosts Microsoft cloud security

Azure Security Center looks to enhance Microsoft's cloud platform by improving visibility and control. Expert Dave Shackleford outlines the features intended to do that. Continue Reading
January 22, 2016 22 Jan'16
How can a reverse proxy mode improve cloud security?

Skyhigh Networks recently obtained a patent to use reverse proxies for cloud access security broker services. Expert Dan Sullivan explains how the method works. Continue Reading

January 22, 2016 22 Jan'16
LostPass security researcher questions LastPass responses

The security researcher behind the LostPass phishing attack on LastPass has criticized the company's reaction and responses to his findings. Continue Reading
January 22, 2016 22 Jan'16
2016 SecureWorld Events Roadshow

SecureWorld conferences provide more content and facilitate more professional connections than any other event in the cyber-security industry. Continue Reading
January 19, 2016 19 Jan'16
'LostPass' phishing attack targets LastPass credentials

A new proof-of-concept attack presented at ShmooCon 2016 exploits security weaknesses in cloud-based password manager LastPass and could allow attackers to gain control of users' accounts. Continue Reading
January 19, 2016 19 Jan'16
How to perform cloud-based application analysis

Before using cloud-based applications, it's important for enterprises to know their implications. Here are some static and dynamic application analysis techniques that can help. Continue Reading
January 15, 2016 15 Jan'16
What are the benefits of the Amazon API Gateway tool for AWS?

Can the new Amazon API Gateway help make the AWS public cloud networks more secure? Expert Dan Sullivan examines how this new tool can benefit enterprises. Continue Reading
January 13, 2016 13 Jan'16
RSA president outlines cloud security strategy, IDaaS plans

RSA President Amit Yoran discusses how the security vendor is changing its focus and explains how cloud security will play an important role in RSA's new strategy. Continue Reading
January 11, 2016 11 Jan'16
How APT groups are conducting public cloud attacks

Advanced persistent threat groups are using public cloud services to their advantage. Expert Ed Moyle explains how enterprises can protect themselves. Continue Reading

January 08, 2016 08 Jan'16
Are enterprise cloud management tools a security risk?

A tool that manages hybrid cloud environments can benefit enterprises, but there are also security risks to consider. Expert Dan Sullivan explains what those risks are. Continue Reading
January 05, 2016 05 Jan'16
Breaking down the Amazon EC2 key recovery attack

A research paper demonstrating a key recovery attack on Amazon Web Services' EC2 illustrates the risks of colocation and multi-tenancy in the cloud. Expert Rob Shapland explains. Continue Reading
January 04, 2016 04 Jan'16
Is Amazon Aurora's security strong enough for enterprises?

Without encryption for data at rest, is encrypting data in transit with Amazon Aurora enough, or is it worth waiting for AWS Key Management System integration? Continue Reading

New libSSH vulnerability gives root access to servers

A 4-year-old libSSH vulnerability can allow attackers to easily log in to servers with full administrative control, but it is ...

The implications of the NetSpectre vulnerability

The NetSpectre vulnerability could enable a slow leak of data remotely via side channels. Expert Michael Cobb explains why data ...

Pentagon data breach exposed travel data for 30,000 individuals

The Department of Defense said a Pentagon data breach exposed travel records for approximately 30,000 military and civilian ...

SearchCloudComputing

Containers, cloud orchestration tools rattle DevOps foundation

Any form of virtualization that disconnects infrastructure from apps threatens the foundation of DevOps and could push IT toward ...

Machine learning tools ease cloud security, log management

Machine learning has increasingly found a home in enterprise cloud management teams, but the technology is still far from being a...

Map out a smooth migration to Azure Resource Manager

As the classic Azure portal becomes outmoded, enterprises need to migrate to ARM -- but the change doesn't always come easy. ...

SearchAWS

AWS Nitro system ushers in more compute options

While questions remain around the direction of AWS' internal Nitro project, the effort has already translated into more ...

Open source tool simplifies Kubernetes on AWS

AWS added an open source tool to manage infrastructure directly through Kubernetes. But the software is targeted at AWS assets, ...

Lambda support for OpenFaaS among wish-list items

Lambda got a long-awaited upgrade with SQS support, but AWS has more work to do. Here are a few more integrations that could ...

SearchCloudApplications

Microsoft Azure Dev Spaces, Google Jib target Kubernetes woes

Microsoft Azure and Google Cloud both added cloud application development tools that improve and simplify the process of creating...

With progressive web applications, developers blur the lines

With progressive web applications, single-page apps, motion UI and other innovations, app development meets the moment, giving ...

Web app development morphs as apps and websites merge

The lines between web and mobile app and websites are blurring, so development silos are out, and boning up on building ...

SearchServerVirtualization

Get to know the Hyper-V processor compatibility mode feature

Hyper-V processor compatibility is relatively easy to use, but it disables some advanced CPU features and is only intended for ...

Incorporate NIST security and virtualization recommendations

Review NIST virtualization security recommendations with this overview of hypervisor security guidelines, including tips on VM ...

Tame the virtualization infrastructure management beast

IT administrators must manage virtual infrastructure requirements, such as patches, reboots and component lifecycles, to create ...

SearchVMware

VMware Horizon 7.6 includes vGPU vMotion, QoS for Blast Extreme

Horizon 7.6 feature enhancements include support for virtual desktop migrations, improvements to the Blast Extreme protocol, ...

Use these PowerCLI cmdlets to automate VMware vSphere

Take advantage of these PowerCLI cmdlets to copy files to and from local machines to VMware VMs. For complex tasks, a ...

Why admins should wait to apply vSphere updates

Software vendors must meet strict deadlines, so they might leave features and improvements out of updates. Be patient and wait ...

ComputerWeekly.com

Internet of things challenges in storage and data

The internet of things brings challenges, with a host of new edge devices and data. We look at edge and core processing, ...

CW ANZ: Taming the data beast

Software-defined storage (SDS), which promises greater transparency and control over data, is an increasingly important tool in ...

Google Cloud CTO Brian Stevens on using open source for competitive advantage in the public cloud

Google Cloud CTO Brian Stevens on how the enterprise cloud conversation is changing, and why not all supplier declarations about ...