InfoQ Homepage Cloud Security Content on InfoQ

  • HashiCorp Announces Public Beta of HCP Vault

    In a recent blog post, HashiCorp announced the public beta of HashiCorp Vault on its Cloud Platform (HCP). With Vault, customers can leverage a managed cloud service to provide them with secret management and encryption capabilities.

  • Microsoft Launches New Data Governance Service Azure Purview in Public Preview

    Recently Microsoft announced a new data governance solution in public preview on its cloud platform called Azure Purview. This new service automates the discovery of data and cataloging while minimizing compliance risk and helps customers map all their data, no matter where it resides, to provide an end-to-end view of their data estate.

  • Five Years of Lets Encrypt

    Five years ago, a non-profit organisation set up a public certificate authority, with the intent of enabling websites to become more secure by default through automated provisioning of TLS certificates. Five years later, and Lets Encrypt is putting together its own top-level root CA, which will be served by default next year - but some older Android versions won't be able to use it.

  • HashiCorp Vault Adds Tokenization and Auto-Join Features

    HashiCorp has released Vault 1.6, adding new features to their secrets and identity management platform. Cloud auto-join facilitates automatically attaching new Vault nodes to the cluster. The transform secrets engine now supports tokenization to better secure data stored outside of Vault. Additional features include integration with key management services and support for seal migration.

  • How SAD DNS Works

    SAD DNS is a new variant of DNS cache poisoning that allows an attacker to inject malicious DNS records into a DNS cache, thus redirecting any traffic to their own server and become a man-in-the-middle (MITM).

  • AWS Announces Gateway Load Balancer

    AWS Gateway Load Balancer is a new fully-managed network gateway and load balancer. The service is tailored to deploy, scale and manage third-party virtual appliances such as firewalls, intrusion detection, prevention systems and deep packet inspection systems in the cloud.

  • AWS Introduces Nitro Enclaves, Isolated EC2 Environments for Confidential Computing

    AWS has recently made available Nitro Enclaves, isolated EC2 environments to process confidential data. Based on a lightweight Linux OS, a Nitro Enclave is a hardened, attested and highly constrained virtual machine.

  • HashiCorp Supports AWS Lambda Extensions for Serverless Security

    HashiCorp has recently announced the public preview of the HashiCorp Vault AWS Lambda Extension. The new service is based on the recently launched AWS Lambda Extensions API and allows a serverless application to securely retrieve secrets from HashiCorp Vault without making the Lambda functions Vault-aware.

  • Cloudflare Releases a Cloud-Based Network-as-a-Service Solution: Cloudflare One

    Cloudflare, an American web-infrastructure and website-security company, recently introduced a cloud-based network-as-a-service solution for the enterprise workforce called Cloudflare One. The solution provides secure, fast, reliable, cost-effective network services, integrated with leading identity management and endpoint security providers.

  • Cloudflare Introduces API Shield

    Cloudflare has recently introduced API Shield, a free security tool that protects API traffic against attacks designed to perform unauthorized actions or exfiltrate data. Strong client certificate-based identity is already generally available, while schema validation is currently a closed beta.

  • Bridgecrew Releases State of Open Source Terraform Security Report

    Bridgecrew, a developer-first platform that codifies cloud security, recently published the State of Open Source Terraform Security report. The company utilized open-source Infrastructure-as-Code (IaC) static analysis tool Checkov. One of the key findings reveals that modules used to provision AWS resources are most likely misconfigured.

  • Attackers Found Building Malicious Container Images Directly on Host

    Aqua’s cyber security research team, ‘Nautilus,’ has found a new attack technique targeting misconfigured Docker Daemon API ports to build an image directly on the target host container infrastructure, in order to mine cryptocurrency. Further investigation by the team uncovered an associated 330k malicious image pulls from an infrastructure of 23 container images stored in Docker Hub.

  • Snyk Releases Enhanced Vulnerability Prioritization Features

    Snyk has announced the release of a number of new features to simplify prioritizing security vulnerabilities. This includes a new, proprietary algorithm to assess and provide a score for each identified issue. This approach takes into account the maturity of the exploit and can analyze if the affected code is reachable through application execution.

  • Google Launches Confidential VMs in Beta on Its Cloud Platform

    In a recent blog post, Google announced Confidential VMs, a new type of virtual machine that makes use of the company’s work around confidential computing to ensure that data isn’t just encrypted at rest but also while it is in memory.

  • AWS Open-Sources CloudFormation Compliance Analyzer

    AWS has announced the preview release of CloudFormation Guard, an open-source CLI tool to enforce compliance policies against CloudFormation templates. cfn-guard provides a lightweight, declarative syntax for defining rules. It supports lists, wildcards, regex,and declaration of variables, and can work with CloudFormation intrinsic functions.


Is your profile up-to-date? Please take a moment to review and update.

Note: If updating/changing your email, a validation request will be sent

Company name:
Company role:
Company size:
You will be sent an email to validate the new email address. This pop-up will close itself in a few moments.