Cloud Security 101

Managing cloud permissions and configurations As organizations evolve in the cloud, you will find the number of cloud services their teams use and identity permissions that need to be managed increase significantly. These services teams used to build and deliver applications are referred to as assets or resources. Configuring cloud assets, roles, and permissions doesn’t […]

Your Firewall is Now Everywhere — And Nowhere

Network security has been stuck in a box for too long. Much of what we know consists of perimeter or zone-based rules that limit which network segments can talk to which other network segments over which ports. The workhorse of this world has been the firewall appliance, interconnecting network segments and enforcing these rules. In […]

Discover your Cloud Security Posture Maturity Level

ONUG Cloud Native Security Working Group Blog Series Introduction Cloud Security Posture Management (CSPM) is currently one of the fastest growing areas within the field of cloud security; most security vendors are now offering or developing CSPM capabilities. However, enterprises are still trying to build the most effective CSPM program to fit their environment. In […]

A More Secure Digital Future

A More Secure Digital Future During my long career, there has been one constant requirement I often hear, “I want to see an end-to-end view of an application.” This is the holy grail to assure great user experience, assure security and observability.  Developers, IT infrastructure and operational teams struggle every day with this lack of […]

Zero Trust: An Overnight Sensation Decades Later

Introduction Years after the term was coined by Stephen Paul Marsh in 1994 and popularized by John Kindervag more than a decade ago, Zero Trust has become the “new” security solution that addresses the confluence of today’s three critical factors and the emergence of what amounts to a cyber-war on businesses and governments. Zero Trust […]

Zero Trust: The Critical Essence – An Introduction

On January 12, 2010 Google wrote a blog revealing to the world that it had been breached by attackers sponsored by a nation state.  The attack is now known as ‘Operation Aurora’.[i] Subsequent investigations showed that many other enterprises and government organizations had also been breached by the same attackers.  Among other things, these hackers […]

ONUG Collaborative Working Groups Kick Off 2022

Members of The ONUG Collaborative Working Groups are delivering solutions to the challenges faced by today’s Enterprise Multi-Cloud Community. Composed of both vendors and cloud consumers from some of the largest companies in the world, these Working Groups focus on delivering best-in-class solutions, both on-premise and off.  Here’s a quick update on the initiatives being […]

How to Protect Your Data from Ransomware and Double-Extortion

Malware has been the archenemy of organizations around the globe for years, with ransomware, in particular, being an extremely deadly foe. Locking down victims’ files through encryption and demanding a ransom for decryption has proven to be an effective tactic for cybercriminals, with a steady stream of recent attacks serving as a constant reminder. However, […]

Application Architectures: It’s been a journey

ONUG Cloud Native Security Working Group Blog Series #1 Over the next several quarters, the ONUG Cloud Native Security Working Group will be publishing a set of short articles that examine different aspects of modern application security –new threats, the role of big data and machine learning in addressing those threats, how security interacts with […]

ONUG Collaborative’s Cloud Security Notification Framework Decorator

As more companies move to a multi-cloud environment, their IT departments become inundated with security notifications. Trying to make sense of these statuses can be challenging as each cloud provider has its own notification formats. Adding one provider doesn’t mean doubling the notifications; the data grows exponentially until enterprises reach the “wall of worry.”  Large […]