Tips

Tips

• How Microsoft uses secure enclaves to improve cloud security

  The use of secure enclaves in the Microsoft Azure confidential computing update aims to improve cloud storage security. Expert Rob Shapland explains how it works.  Continue Reading

• Ransomware in the cloud: How to handle the threat

  Expert Ed Moyle looks at ransomware in the cloud and how it differs from traditional ransomware attacks. Find out how your organization can prepare for both.  Continue Reading

• Is cloud microsegmentation secure enough for enterprise use?

  The use of cloud microsegmentation in enterprises has been met with some hesitation. Expert Dave Shackleford discusses why there are reservations and what the benefits are.  Continue Reading

• How to use the NIST Cybersecurity Framework for the cloud

  Aligning the NIST Cybersecurity Framework with cloud services like AWS and Azure can improve cloud security. Expert Ed Moyle explains how to best use the framework for the cloud.  Continue Reading

• How a cloud-based Kali Linux system helps with pen testing

  Enterprises can use a Kali Linux system in the cloud for penetration testing. Expert Frank Siemons explains how it works and some alternative methods for testing.  Continue Reading

• Why web application attacks are a growing threat to the cloud

  New research found that web application attacks present a significant threat to cloud environments. Rob Shapland explains the risks and what enterprises should do about them.  Continue Reading

• Understanding VM escape vulnerabilities and how to avoid them

  In the last couple of years, VM escape vulnerabilities have popped up and caused problems for enterprises that rely on the cloud. Expert Ed Moyle explains how to handle these issues.  Continue Reading

• How Docker APIs can be misused to plant malware

  Researchers discovered how Docker APIs can be exploited to hide malware. Dave Shackleford explains the attack method and the threat it poses to container and virtual machines.  Continue Reading

• Why cloud reconnaissance is crucial to a secure cloud environment

  Knowledge is power, which is why cloud reconnaissance and enumeration are key when it comes to securing the cloud. Expert Frank Siemons explains why and how to do it.  Continue Reading

• Ransomware defense isn't necessarily stronger in the cloud

  Storing data in the cloud isn't a sure-fire ransomware defense method. Expert Rob Shapland examines how the cloud helps and hurts when it comes to ransomware attacks.  Continue Reading

• The security risks of HTTPS inspection in the cloud

  Cloud service providers can perform HTTPS inspection, despite warnings from US-CERT. Expert Ed Moyle looks at what this technique does and what the security implications are.  Continue Reading

• How to manage control inheritance in a hybrid cloud environment

  Effective management of access control inheritance is important in a hybrid cloud environment. Expert Ravila White explains the challenges involved and how to overcome them.  Continue Reading

• How attackers can intercept iCloud Keychain data

  A verification flaw in the synchronization service of iCloud Keychain enables attackers to intercept the data it transfers. Expert Frank Siemons explains what to do about it.  Continue Reading

• How Microsoft SRD uses AI to help developers with security

  Microsoft SRD is a new cloud service that aims to detect vulnerabilities in software using artificial intelligence. Expert Dave Shackleford explains what that means.  Continue Reading

• Face the challenges of secure cloud access control

  Don't store identity and access data in the cloud without first taking secure cloud access control seriously. Expert Rob Shapland explains the security considerations for enterprises.  Continue Reading

• A look at serverless applications and how to secure them

  Serverless applications can be powerful tools, but they also require specific security tactics. Expert Ed Moyle explains how these applications work and how they can be secured.  Continue Reading

• Applying proper cloud access control to prevent data exposures

  Several recent data exposures have involved misconfigured Amazon S3 buckets. Dave Shackleford discusses the importance of proper cloud access control and how to implement it.  Continue Reading

• How to keep an Amazon S3 bucket from becoming public

  A public-facing Amazon S3 bucket caused problems for major organizations, including Booz Allen Hamilton. Expert Rob Shapland explains what happened and how to prevent it.  Continue Reading

• Zombie cloud infrastructures haunt enterprise security teams

  Instances created, but then forgotten can cause zombie cloud infrastructures that threaten the security of enterprises. Expert Frank Siemons discusses how to handle these systems.  Continue Reading

• The security challenges of custom applications in the cloud

  Securing custom applications in the cloud can be a hassle for enterprises. Expert Ed Moyle discusses how to make it easier to secure custom cloud apps.  Continue Reading

• Why the use of blockchain in the cloud is growing quickly

  Blockchain cloud services may offer organizations the ability to shift away from traditional cryptography models. Expert Dave Shackleford discusses what options are available.  Continue Reading

• How to use a cloud-based sandbox to analyze malware

  A cloud-based sandbox can be a helpful tool for enterprises looking to bolster their intrusion prevention systems. Expert Rob Shapland explains how to leverage this technology.  Continue Reading

• How NetFlow data can be used for cloud environments

  Collecting and analyzing NetFlow data can help organizations detect security incidents and figure out their cause. Expert Frank Siemons explains how NetFlow works.  Continue Reading

• Continuous monitoring in the cloud: Two steps to make it a reality

  Enterprises can achieve continuous monitoring in the cloud if they focus on the two main elements of it. Expert Dave Shackleford discusses what those elements are.  Continue Reading

• What a CPU cache exploit means for multi-tenant cloud security

  Researchers recently proved that it's possible to steal cloud data from a CPU cache. Expert Rob Shapland discusses how this works and what it means for multi-tenant cloud security.  Continue Reading

• How to ensure a secure data transport of information in the cloud

  A secure data transport of information stored in the cloud can be challenging. Expert Frank Siemons explains the options available to companies for securing physical data movement.  Continue Reading

• Is a malicious hypervisor a real security threat to enterprises?

  It's possible for hackers to use a malicious hypervisor to access data on virtual machines. Expert Ed Moyle discusses how this works and the potential threat it poses.  Continue Reading

• How CASBs are broadening to address IaaS security

  CASBs have started extending their reach into IaaS platforms. Expert Rob Shapland looks at what they're doing and the effect they could have on IaaS security.  Continue Reading

• Four common cloud attacks and how to prepare for them

  Cloud attacks are increasingly targeting service providers. Expert Frank Siemons looks at the different types of attacks from which service providers and enterprises should be protected.  Continue Reading

• How DevOps tools can be used to integrate cloud automation

  DevOps tools can be used to deploy secure cloud automation. Expert Dave Shackleford looks at how this works and which tools are the best bet for DevSecOps.  Continue Reading

• Cloud privacy: Baseline features and emerging techniques

  Achieving cloud privacy can be a lofty task for enterprises, but it's not as impossible as it seems. Expert Ed Moyle outlines how to keep cloud data private with newer techniques.  Continue Reading

• How hackers use Google cloud services to attack enterprises

  Hackers, such as the Carbanak group, use Google cloud services to infiltrate organizations' systems. Expert Rob Shapland explains how that works and what can be done to stop it.  Continue Reading

• How to boost CDN security and protect enterprise data

  A recent Cloudflare bug highlights CDN security and the need for vigilance in protecting sensitive enterprise data. Expert Dave Shackleford discusses the flaw and what can be done.  Continue Reading

• How a container escape vulnerability can threaten enterprises

  A container escape vulnerability can expose enterprise systems to attackers. Expert Rob Shapland explains how these flaws work and how to mitigate the threat.  Continue Reading

• How to detect and mitigate malicious content from the cloud

  Malicious content hosted in the cloud is more common than you might think. Expert Ed Moyle looks at what enterprises need to know about cloud malware and how to stop it.  Continue Reading

• What enterprises need to know about cloud IAM before implementation

  Cloud IAM services are growing in popularity among enterprises, but it's not a simple implementation. Expert Matthew Pascucci explains what to know before using a cloud IAM service.  Continue Reading

• How AWS Artifact tackles regulatory compliance for enterprises

  A new service called AWS Artifact aims to help enterprises simplify regulatory compliance. Expert Rob Shapland discusses the potential security benefits of Artifact.  Continue Reading

• What enterprises need to know about securing a multicloud deployment

  A multicloud deployment takes considerable planning for an enterprise, especially when it comes to security. Expert Dave Shackleford looks at the challenges of multicloud.  Continue Reading

• How to detect and prevent a man-in-the-cloud attack

  A man-in-the-cloud attack is a newer threat to enterprise security and it's not always easy to detect. Expert Frank Siemons explains how the attacks work and what can be done.  Continue Reading

• Microsoft Azure Security Center: Successful or stagnated?

  Now that Microsoft's Azure Security Center has been out and in use for a while, expert Ed Moyle takes a look at how successful it is and where it's headed in enterprise use.  Continue Reading

• How a RHEL virtual machine in Microsoft Azure can be exploited

  RHEL virtual machines hosted in Microsoft Azure were recently found to have significant security vulnerabilities. Expert Rob Shapland explains them and what enterprises can learn.  Continue Reading

• How to make a cloud risk assessment easier with frameworks, standards

  A cloud risk assessment can often fall by the wayside in an enterprise, but using a standard or framework can simplify it. Expert Dave Shackleford discusses the options available.  Continue Reading

• Building an intrusion detection and prevention system for the cloud

  An intrusion detection and prevention system for cloud services is an important part of an enterprise's security stature. Expert Frank Siemons discusses IDS/IPS in the cloud.  Continue Reading

• How to strategically implement CASBs in the enterprise

  CASBs can offer help for enterprises that leverage cloud services. Expert Ajay Kumar examines the use cases, functions and architectures of cloud access security brokers.  Continue Reading

• Why CloudFanta malware poses an unusual threat to enterprises

  CloudFanta is a new kind of malware threatening enterprises. Expert Rob Shapland explains how it leverages cloud storage site SugarSync to infect users and enterprises.  Continue Reading

• How to effectively manage the cloud logs of security events

  Cloud logs of security events produce an abundance of data. Expert Dave Shackleford discusses how to filter through it and get to the important security events.  Continue Reading

• How cloud endpoint protection products benefit enterprises

  Cloud endpoint protection products are outpacing standard endpoint protections. Expert Frank Siemons discusses the evolution of these products and how they benefit enterprises.  Continue Reading

• How Microsoft's Secure Data Exchange bolsters cloud data security

  Microsoft's new service, Secure Data Exchange, can help protect cloud data while in transit and at rest. Expert Rob Shapland looks at the service and how it works for enterprises.  Continue Reading

• VM isolation technique considerations for enterprises

  VM isolation techniques are good strategies to prevent infections from spreading to the entire cloud environment. Ed Moyle explains what enterprises need to know about isolation.  Continue Reading

• How to handle privileged user management in the cloud

  Privileged user management is important for enterprises operating on the cloud. Expert Dave Shackleford discusses some best practices to help secure cloud access control.  Continue Reading

• How to prepare for a cloud DDoS attack on an enterprise

  Suffering a cloud DDoS attack is now more likely than ever. Expert Frank Siemons discusses what enterprises need to know about these attacks and how to prevent them.  Continue Reading

• Cloud incident response: What enterprises need to include in a plan

  A cloud incident response plan can be difficult to assemble. Expert Rob Shapland discusses the basics of what to include in a response plan when the incident involves the cloud.  Continue Reading

• A look at the shared responsibility model of cloud providers

  Many cloud providers now offer a shared responsibility model for their customers. Expert Dave Shackleford looks at the major providers' models and what they might be missing.  Continue Reading

• How bring your own encryption in the cloud works for enterprises

  Bring your own encryption offerings for the cloud are more common now. Expert Ed Moyle discusses the benefits and drawback of BYOE and what to know before implementation.  Continue Reading

• Cloud DDoS protection: What enterprises need to know

  DDoS attacks are a continuing problem, and enterprises should consider using cloud DDoS protection services. Expert Frank Siemons discusses the cloud options.  Continue Reading

• What to know about SIEM as a service before deployment

  There's been increased interest in SIEM as a service and enterprises need to get to know the model before using it. Expert Frank Siemons explains what's different about it.  Continue Reading

• Lessons learned from the Microsoft Office 365 SAML 2.0 flaw

  The Microsoft Office 365 SAML flaw that allowed attackers to bypass authentication was resolved quickly, but offers enterprises some important lessons. Expert Ed Moyle discusses.  Continue Reading

• PaaS security: Four rules for lowering enterprise risks

  Securing a platform as a service can sometimes get overlooked within enterprises. Expert Char Sample offers four simple rules for improving PaaS security and lowering cloud risks.  Continue Reading

• How to handle cloud-based big data strategies according to the CSA

  Assembling big data strategies is a nuanced process, but the Cloud Security Alliance offers guidance on some best practices. Expert Dave Shackleford looks at the highlights.  Continue Reading

• Data breach compensation: What enterprises need to know

  Data breach compensation amounts often fall short of covering the actual damages, especially in a cloud breach. Expert Frank Siemons discusses data breach settlement options.  Continue Reading

• Multi-tenant cloud security requires enterprise awareness

  Moving to a multi-tenant cloud environment can be daunting, but many of the usual risks are legacy issues. Expert Rob Shapland discusses what to know before moving.  Continue Reading

• How a cloud-based HSM can boost enterprise security with enough effort

  There are both security benefits and risks to using a cloud-based HSM in an enterprise. Expert Dave Shackelford discusses the arguments for and against cloud HSMs.  Continue Reading

• Why the DROWN vulnerability requires constant vigilance

  The DROWN vulnerability affected hundreds of SaaS applications, and they're not all completely fixed yet. Expert Ed Moyle discusses the SSLv2 vulnerability and how to manage it.  Continue Reading

• Why enterprise cloud IAM policies need to be stronger

  A cloud IAM policy is crucial to protecting an organization from external and internal threats. Expert Rob Shapland discusses how to bolster cloud IAM.  Continue Reading

• Cloud data classification services: How they benefit organizations

  Data classification services from CSPs are important for organizations strengthening their cloud security posture. Expert Dave Shackleford explains the perks of these services.  Continue Reading

• How the cloud can help organizations with security log data

  Organizations often have to deal with copious amounts of security log data and that can be challenging. Expert Frank Siemons explains how the cloud can help manage log data.  Continue Reading

• DDoS mitigation services: What to consider before implementation

  Before implementing DDoS mitigation services, there are a few things enterprises should consider. Expert Ed Moyle discusses the steps to take to improve security.  Continue Reading

• Cloud incident response and forensics: What enterprises need to know

  Performing cloud incident response and forensics requires a different approach. Expert Matt Pascucci outlines the steps enterprises should take with cloud service providers.  Continue Reading

• How to mitigate shadow cloud services security risks

  Shadow cloud services are an unavoidable part of the modern enterprise, but they present fresh security challenges. Expert Rob Shapland discusses some mitigation methods.  Continue Reading

• A look at the cloud migration challenges enterprises could face

  One of the most common problems facing organizations is dealing with many cloud migration challenges. Expert Dave Shackleford discusses the challenges and how to deal with them.  Continue Reading

• Adding a cloud security policy to your overall IT defense strategy

  Enterprises should consider a cloud security policy in the wake of more services moving to the cloud. Expert Mike Chapple examines how IT security standards can be reworked.  Continue Reading

• Top AWS security features organizations need to know about

  As cloud security becomes more essential, Amazon security features become more important. Expert Matthew Pascucci takes a look at specific AWS security products available today.  Continue Reading

• How to make sanitizing data in the cloud easier for organizations

  Data sanitization is often required for compliance, but many organizations struggle with it in the cloud. Expert Frank Siemons discusses why and how to make it easier.  Continue Reading

• How cloud synchronization can facilitate the spread of malware

  Malware can spread from one user to many through cloud synchronization. Expert Rob Shapland explains what enterprise users should know about their synchronization folders.  Continue Reading

• How to segment cloud workloads for better security

  Enterprise cloud workloads can be better secured by using microsegmentation. Ed Moyle explains the best ways to plan and execute a segmentation strategy.  Continue Reading

• The security risks of URL-shortening services for enterprises

  URL-shortening services have become a security threat to organizations. Expert Dave Shackleford explains why and how to mitigate the risks of shortened URLs.  Continue Reading

• How cloud WAF implementations can improve application security

  Having to secure applications that are not locally hosted is possible with a cloud WAF. Expert Matt Pascucci explains how they work, and what enterprises need to understand.  Continue Reading

• Cloud pen testing: What testers need to consider

  Before starting cloud penetration testing, there a few things to keep in mind. Expert Frank Siemons discusses limitations and techniques for pen testing cloud platforms.  Continue Reading

• How to address redundant cloud security controls

  Overlapping security controls for cloud apps and services can be detrimental to enterprises. Expert Rob Shapland explains why that is, and what organizations can do about it.  Continue Reading

• How to secure a cloud workload as it travels between CSPs

  Typically a cloud workload doesn't stay in one spot. Expert Dave Shackleford discusses the best ways to secure traveling cloud workloads as they move across environments.  Continue Reading

• Why cloud onboarding requires an enterprise security plan

  Cloud onboarding shouldn't require sacrificing security. Expert Ed Moyle explains how enterprises can implement a plan to keep their organizations safe.  Continue Reading

• How to combat cloud-based gaming security risks

  There are many security risks for cloud-based gaming platforms. Expert Frank Siemons explains what's happened to gaming providers like Sony and Steam.  Continue Reading

• How machine learning in the cloud can help enterprise security

  There's a growing trend of machine learning in the cloud and security should take advantage of it. Expert Dave Shackleford discusses machine learning and its benefits to security.  Continue Reading

• DDoS prevention for attacks that bypass DNS rerouting

  DNS rerouting by cloud security service providers may not be enough for DDoS mitigation when attackers can uncover targets through alternate means. Expert Ed Moyle explains.  Continue Reading

• Cloud identity management: Deciding on the right approach

  Cloud identity management can offer a lot of security benefits, but enterprises need to answer some questions before deployment. Expert Ed Moyle offers advice on what to ask.  Continue Reading

• 'Federated' identity and access management tools

  Federated identity management has clear security advantages. Learn ways to use Microsoft's AD FS and AWS AD Connector as identity and access management tools in the cloud.  Continue Reading

• Distinguishing types of cloud services and their security risks

  The different type of cloud services -- public, private and hybrid -- all provide different security for enterprises. Here's an explanation of each kind and their security pros and cons.  Continue Reading

• How to test data analysis in virtual environments

  Security teams need to practice and test data analysis, but it can be challenging to do in small environments. Expert Frank Siemons explains some ways to make it work anyway.  Continue Reading

• Cloud malware: A growing problem for public CSPs

  High-profile cloud malware attacks are increasing and enterprises need to understand the threat. Expert Dave Shackleford explains these malware campaigns.  Continue Reading

• How to protect an origin IP address from attackers

  Cloud security providers protect enterprises from DDoS attacks, but attackers can still find the origin IP addresses. Expert Rob Shapland explains why that's a significant threat.  Continue Reading

• How the Lucky 13 attack affects Amazon s2n security

  Amazon's s2n was targeted by the Lucky 13 attack and the discovery unnerved the security community. Expert Dave Shackleford discusses open source SSL/TLS risks like the s2n flaw.  Continue Reading

• The rise of cloud-based application security vulnerabilities

  Enterprises can't avoid dealing with cloud-based application security any longer. Expert Dejan Lukan discusses the challenges and why they're not as bad as they seem.  Continue Reading

• Breaking down the risks of VM escapes

  The Xen hypervisor flaw highlighted the risks of VM escapes, but expert Ed Moyle explains why the flaw should serve as a warning for virtual containers as well.  Continue Reading

• Inside the new Microsoft Azure security features

  There are two new Microsoft Azure security features. Expert Rob Shapland breaks down how they aim to boost cloud security for enterprises.  Continue Reading

• How Azure Security Center boosts Microsoft cloud security

  Azure Security Center looks to enhance Microsoft's cloud platform by improving visibility and control. Expert Dave Shackleford outlines the features intended to do that.  Continue Reading

• How to perform cloud-based application analysis

  Before using cloud-based applications, it's important for enterprises to know their implications. Here are some static and dynamic application analysis techniques that can help.  Continue Reading

• How APT groups are conducting public cloud attacks

  Advanced persistent threat groups are using public cloud services to their advantage. Expert Ed Moyle explains how enterprises can protect themselves.  Continue Reading

• Breaking down the Amazon EC2 key recovery attack

  A research paper demonstrating a key recovery attack on Amazon Web Services' EC2 illustrates the risks of colocation and multi-tenancy in the cloud. Expert Rob Shapland explains.  Continue Reading

• Why BYOK is so attractive despite its risks

  BYOK encryption services are a new trend among enterprises, despite all the challenges and risks that accompany them. Expert Dave Shackleford explains the appeal of BYOK.  Continue Reading

• How enterprises can ensure a secure cloud migration

  Managing a secure cloud migration is an involved process for enterprises, but it can be made easier by carefully choosing what goes to the cloud and what stays on premises.  Continue Reading