Cloud Security Content on InfoQ
-
KubeCon EU: Mercedes-Benz’s Migration From Pod Security Policies to Validation Admission Policies
During KubeCon EU, the Mercedes-Benz team presented their migration journey from Pod Security Policies to Validation Admission Policies to secure their 1000+ Kubernetes clusters. The solution was chosen in favour of Kyverno due to its improved performance.
-
Shadow API Detection for Google Cloud Environments in Preview
During Google Cloud Next, Google announced the preview release of shadow API detection in Advanced API Security, part of the Apigee API Management solution. This managed API Broker service in the Google Cloud allows users to design, secure, deploy, monitor, and analyze APIs.
-
Borderless Cloud at QCon London: Q&A with Adora Nwodo
At QCon London, Adora Nwodo, senior software engineer at NexaScale, discussed the complexities of seamlessly integrating multiple clouds into application architecture, deployment processes, and CI/CD pipelines. Her session was part of the Cloud-Native Engineering track on the first day of the conference, and InfoQ interviewed her afterwards.
-
Efficient DevSecOps Workflows with a Little Help from AI: Q&A with Michael Friedrich
At QCon London, Michael Friedrich, senior developer advocate at GitLab, discussed how AI can help in DevSecOps workflows. His session was part of the Cloud-Native Engineering track on the first day of the conference. InfoQ interviewed Friedrich after the session.
-
Microsoft AI-Driven Security Tool Copilot for Security is Now GA
Microsoft recently announced the general availability of Copilot for Security, a generative Artificial Intelligence (AI) security product designed to give security and IT teams the capabilities to protect their digital assets.
-
Google Cloud Launches Security Command Center Enterprise
Google Cloud has launched Security Command Center (SCC) Enterprise, a cloud risk management solution that offers proactive cloud security with enterprise security operations. The solution helps customers manage and mitigate risk across multi-cloud environments and is enhanced by Mandiant expertise.
-
Falco, Cloud-Native Security Tool for Kubernetes, Graduates from CNCF
CNCF announced the graduation of Falco, a tool designed for Linux systems and a de facto Kubernetes threat-detection engine. The project successfully met all graduation requirements, including undergoing the due diligence process, completing a third-party security audit, and obtaining the software licensing approvals.
-
Enhanced Protection for Large Language Models (LLMs) against Cyber Threats with Cloudflare for AI
Cloudflare recently announced a new capability called Firewall for AI in its Web Application Firewall (WAF) offering. The capability adds a new layer of protection that will identify abuse and attacks before they reach and tamper with Large Language Models (LLMs).
-
Cloudflare Releases 2024 API Security and Management Report
Cloudflare recently released its 2024 API Security and Management Report, providing insights, predictions, and recommendations for safeguarding APIs in the new year. The report analyses the growing risk of shadow APIs, the most common API errors, and global API usage across different industries.
-
Amazon Route 53 Resolver Introduces DNS over HTTPS Support for Enhanced Security and Compliance
AWS recently announced that Amazon Route 53 Resolver will support using the Domain Name System (DNS) over HTTPS (DoH) protocol for both inbound and outbound Resolver endpoints.
-
AWS Adds Automated Detection of Unused IAM Roles, Users, and Permissions
AWS recently added support for detecting unused access granted to IAM roles and users within their AWS IAM Access Analyzer tool. The new analyzer can identify unused roles, unused IAM user access keys and passwords, and unused permissions within a defined usage window. This analysis can be done across accounts within the organization and be controlled from a delegated administrator account.
-
Intuitive Application Resource Management with myApplications in the AWS Management Console
AWS recently announced at its re:Invent conference the general availability of myApplications. myApplications in the AWS Management Console can help customers manage and monitor the cost, health, security posture, and performance of their applications on AWS more effectively.
-
Canonical Takes a Chisel to Ubuntu with Ultra-Small Container Images
Canonical has officially released chiselled Ubuntu containers, offering production-ready, secure, and ultra-small container images with a focus on efficiency and security. These container images allow users to build images that only contain their application and its runtime dependencies, excluding unnecessary operating system-level packages, utilities, or libraries.
-
Amazon EC2 Enhances Defense in Depth with Default IMDSv2
To improve defense against open firewalls, reverse proxies, and SSRF vulnerabilities, AWS has recently announced that new Amazon EC2 instance types will support only version 2 of the EC2 Instance Metadata Service (IMDSv2). For transition support, customers will still be able to enable IMDSv1.
-
Azure Bastion Developer SKU: Cheaper Secure Connectivity to Azure Virtual Machines
Azure has recently announced the public preview of Bastion Developer SKU, the latest addition to the managed bastion service on Azure. The new option targets dev/test users seeking secure and simple VM connections without the need for additional features or scalability.