Cloud Security Management and Cloud Operations Security

Cloud Security Management and Cloud Operations Security News

December 07, 2018 07 Dec'18
Critical Kubernetes vulnerability could have widespread effects

News roundup: A critical Kubernetes vulnerability was found in the system's API server and could have a wide reach. Plus, ESET found 21 new Linux malware families, and more.
November 07, 2018 07 Nov'18
Kubernetes on VMware gains a lifeline with Heptio acquisition

VMware's Heptio buy brings it Kubernetes chops that will help it make a multi-cloud bid, but it will struggle to raise its profile in open source container management, industry watchers predict.
October 10, 2018 10 Oct'18
Puppet Enterprise updates give IT ops pros a leg up on DevOps

Puppet Enterprise 2019, Puppet Bolt 1.0 and Puppet Insights broaden enterprise IT ops pros' options for DevOps support and infrastructure automation tools.
October 10, 2018 10 Oct'18
Embrace DevOps innovation to modernize legacy applications

To bring legacy applications into the DevOps fold, IT teams must be creative and collaborate in ways that may differ sharply from approaches to greenfield projects.

Bring yourself up to speed with our introductory content

SSAE 16

The Statement on Standards for Attestation Engagements No. 16 (SSAE 16) is a set of auditing standards and guidance on using the standards, published by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (... Continue Reading
How Google's cloud data deletion process can influence security policies

Understanding the process behind Google's cloud data deletion can help influence stronger enterprise security policies. Expert Ed Moyle explains the process and how to use it. Continue Reading
How to configure a vTAP for cloud networks

A vTAP can give enterprises better visibility into their cloud networks. Expert Frank Siemons of InfoSec Institute explains how virtual network TAPs work and the available options. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

What's different about Google Asylo for confidential computing?

The Google Asylo framework is an open source alternative for confidential computing. Expert Rob Shapland explains how it works and how it's different from other offerings. Continue Reading
How the Microsoft Authenticator app integrates with Azure AD

Microsoft expanded the Microsoft Authenticator app to integrate with tens of thousands of Azure AD apps. Expert Dave Shackleford explains how this tool is improving security. Continue Reading
How deception technologies improve threat hunting, response

Deception tech tools enable more effective threat hunting and incident response. Learn how these tools can give security pros an edge in defending their company systems and data. Continue Reading

Learn to apply best practices and optimize your operations.

How to monitor AWS credentials with the new Trailblazer tool

A security researcher introduced a tool called Trailblazer, which aims to simplify monitoring AWS credentials. Expert Dave Shackleford explains how it can bolster cloud security. Continue Reading
How the NetSpectre vulnerability affects the cloud

The NetSpectre vulnerability performs side-channel attacks to read data across networks. Learn how to use threat modeling to stop speculative execution from expert Ed Moyle. Continue Reading
How was Google Firebase security bypassed?

Google Firebase's inadequate back-end development led to data leaks and vulnerabilities, including HospitalGown. Learn more about this security flaw from expert Michael Cobb. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

Addressing vulnerable web systems that are often overlooked

Web security vulnerability scanners often focus on large applications within the enterprise. However, there are plenty of overlooked web systems that contain hidden flaws. Continue Reading
Antivirus tools: Are two programs better than one?

Antivirus software is crucial to your device's security. However, less is often more, especially when considering a secondary free antivirus program. Nick Lewis explains why. Continue Reading
Katyusha Scanner: How does it work via a Telegram account?

The Katyusha Scanner is based on the open source penetration test scanner Arachni. However, it has been modified to work through Telegram accounts. Nick Lewis explains how it works. Continue Reading