Information to secure your cloud applications in all cloud infrastructure environments
Subscribe
Two of the most relevant, if trendy, topics in cybersecurity today relate to the starting point — the “ground zero” of attacks — from both the attacker’s and the defender’s perspective. The most useful weapons in the attacker’s arsenal are Zero Day attacks; that is, previously unknown or unseen attacks. Such attacks are especially pernicious because there is no bespoke, pre-existing defender countermeasure. There is no snort signature, no specifically predefined pattern of behavior to look for, no TCP port to lock down. In that…
ONUG Cloud Native Security Working Group Blog Series Introduction Cloud Security Posture Management (CSPM) is currently one of the fastest growing areas within the field of cloud security; most security vendors are now offering or developing CSPM capabilities. However, enterprises are still trying to build the most effective CSPM program to fit their environment. In many cases, it’s unclear where to start and what the end goal is for the CSPM effort. To help simplify this process, this post will share guiding principles for implementing…
Introduction Years after the term was coined by Stephen Paul Marsh in 1994 and popularized by John Kindervag more than a decade ago, Zero Trust has become the “new” security solution that addresses the confluence of today’s three critical factors and the emergence of what amounts to a cyber-war on businesses and governments. Zero Trust switches the focus from outward-facing defense of a network perimeter to prevention of unauthorized exfiltration of data and other exploits. This short work looks at why it has become virtually…
On January 12, 2010 Google wrote a blog revealing to the world that it had been breached by attackers sponsored by a nation state. The attack is now known as ‘Operation Aurora’.[i] Subsequent investigations showed that many other enterprises and government organizations had also been breached by the same attackers. Among other things, these hackers were targeting source code repositories via software configuration management systems. Any entity that had already breached perimeter network security and had created a presence on an internal system could reach…
ONUG Cloud Native Security Working Group Blog Series #1 Over the next several quarters, the ONUG Cloud Native Security Working Group will be publishing a set of short articles that examine different aspects of modern application security –new threats, the role of big data and machine learning in addressing those threats, how security interacts with the CI/CD development process, and more. The discussion of how to protect today’s applications begins with understanding how applications are built. And understanding modern application architectures requires us to appreciate…
ONUG Cloud Native Security Working Group Blog Series #2 “For those of you with an interest in data-driven DevSecOps, the ONUG Cloud Native Security Working Group is kicking off a deeper-dive article series on the role of data in modern applications, discussing some best practices for translating an application’s operational data “exhaust” into deep insights and actionable feedback. The first piece in this series introduces the three pillars of the data-driven approach: collecting data across the breadth of the distributed infrastructure, ensuring data inputs also…
As more companies move to a multi-cloud environment, their IT departments become inundated with security notifications. Trying to make sense of these statuses can be challenging as each cloud provider has its own notification formats. Adding one provider doesn’t mean doubling the notifications; the data grows exponentially until enterprises reach the “wall of worry.” Large enterprises have constructed security infrastructures to process the volume of events being transmitted. However, they require additional staffing to interpret and process the data sent from each provider. The ongoing…
