The Truth About Privileged Access Security On AWS and Other Public Clouds

Source: forbes.com Bottom Line: Amazon’s Identity and Access Management (IAM) centralizes identity roles, policies and Config Rules yet doesn’t go far enough to provide a Zero Trust-based approach to Privileged Access Management (PAM) that enterprises need today. AWS provides a baseline level of support for Identity and Access Management at no charge as part of their AWS instances, as do other public cloud providers. Designed to provide customers with the essentials to support IAM, the free version often doesn’t go

Read more

Week in review: New Nmap, lateral phishing tactics, Kubernetes security matures

Sourec: helpnetsecurity.com Here’s an overview of some of last week’s most interesting news, articles and podcasts: Critical Bluetooth flaw opens millions of devices to eavesdropping attacks A newly disclosed vulnerability (CVE-2019-9506) in the Bluetooth Core Specification can be exploited by attackers to intercept and manipulate Bluetooth communications/traffic between two vulnerable devices. Pitfalls to avoid when improving your software development skills The dizzying pace of technological change makes knowledge acquisition and skill development a very big deal in the IT and

Read more

Kubernetes security matures: Inside the project’s first audit

Source: helpnetsecurity.com Auditing 1.5 million lines of code is a heroic undertaking. With resources provided by the Cloud Native Computing Foundation (CNCF), the Kubernetes Project leadership created the Security Audit Working Group to perform an audit in an open, transparent, and repeatable manner, while also paving the way for future Kubernetes security reviews and research. It included members from Google, Red Hat, Salesforce, InGuardians, and input from the broader security community. We felt that the two most critical components of

Read more

Why it’s time to make continuous cloud security part of your developer journey

Source: cloudcomputing-news.net Cloud computing hasn’t always been synonymous with great security. However, despite early fears that it was less secure than data centres, the cloud is now considered a useful – and secure – solution for most critical business functions. While some of its earliest adopters could afford to be somewhat blasé about security, that’s no longer the case. The latest generation of cloud entrants mainly operate in finance and government sectors, meaning that security and compliance are at the very

Read more

CNCF-led open source Kubernetes security audit reveals 37 flaws in Kubernetes cluster; recommendations proposed

Source: packtpub.com Last year, the Cloud Native Computing Foundation (CNCF) initiated a process of conducting third-party security audits for its own projects. The aim of these security audits was to improve the overall security of the CNCF ecosystem. CoreDNS, Envoy and Prometheus are some of the CNCF projects which underwent these audits, resulting in identification of several security issues and vulnerabilities in the projects. With the help of the audit results, CoreDNS, Envoy and Prometheus addressed their security issues and

Read more

Kubernetes open sourced their security audit. What can we learn?

Source: snyk.io Earlier this week, on 6th August, the Cloud Native Computing Foundation (CNCF) published a blog post detailing their recent Kubernetes Security Audit. Last year, the CNCF started their security audit program with three projects: CoreDNS, Envoy, and Prometheus. Since this pilot program was successful, the CNCF is rolling it out to other projects in their ecosystem. Kubernetes is an open source container orchestration engine for automating deployment, scaling, and management of containerized applications, and is the largest project

Read more

Azure to improve security with enhanced access control experience

Source: mspoweruser.com Microsoft announced that they are doubling down on Azure security at their recent Black Hat conference in Las Vegas. Today, Microsoft announced the new security features which will enhance the access control experience; including the introduction of Azure Active Directory Domain Service (Azure AD DS) authentication support for Server Message Block (SMB) access. Now, domain-joined Windows virtual machines can mount and access your Azure file shares over SMB, using AD DS credentials with enforced NTFS access control lists.

Read more

Kubernetes Looks Inside and Finds Security Holes

Source: sdxcentral.com The Kubernetes ecosystem took a look in the security mirror and found it has some work to do in order to ensure a better security posture for the container orchestration platform. The move comes as a rash of Kubernetes security flaws have cropped up over the past eight months. The introspective look came via the first security audit of Kubernetes conducted by the Cloud Native Computing Foundation (CNCF), which hosts the open source platform. The audit itself was

Read more

Concerns growing over AWS cloud security in Korea

Source: koreatimes.co.kr By Baek Byung-yeul Concerns are growing over the security and reliability of cloud computing offered by Amazon Web Services (AWS) after a former AWS worker allegedly stole data on 105 million customers of Capital One Bank. The former AWS worker allegedly hacked the cloud server of Capital One Bank, operated by the firm, and stole the information, according to cybersecurity analysts here Friday. They said Korean companies using the AWS cloud should be aware of potential data leaks

Read more

Why Security And DevOps Must Coexist

Source: I recently had the pleasure of moderating a lively discussion with security leaders at the SINET Innovation Summit 2019 in New York. The conversation explored one central question: Can security and DevOps coexist?  DevOps is a well-adopted practice that fosters an agile relationship between development and IT operations by advocating better communication and collaboration between these two business units. Every organization represented on the panel (including two of the largest financial services companies) have mature DevOps programs with security baked into their

Read more
1 2 3 9