InfoQ Homepage Cloud Security Content on InfoQ
-
Amazon CloudFront Supports Configurable CORS and Custom HTTP Response Headers
Amazon CloudFront recently added support for response headers policies, removing the need of custom Lambda@Edge and CloudFront functions to insert response headers. The new feature allows developers to add cross-origin resource sharing (CORS), security, and custom headers to HTTP responses.
-
CNCF Publishes Latest Technology Radar Focused on DevSecOps
CNCF published the sixth edition of the end-user Technology Radar. The theme for this edition was DevSecOps, the integration of security at every step of the software development lifecycle. The radar highlighted there are many DevSecOps tools today and the space is growing and changing rapidly.
-
Dynamic Process Isolation Helps Cloud System to Defend Against Spectre
Dynamic process isolation, a technique developed at Cloudflare to safeguard their systems from Spectre-like attacks, provides effective protection and fully mitigates Spectre attacks between multiple tenants, a Cloudflare-Graz University joint research has recently shown.
-
Intel Loihi 2 and Lava Framework Aim to Advance Neuromorphic Computing Research
Intel introduced its second-generation neuromorphic chip, Loihi 2, with the aim to provide tools for research in the field of neuromorphic computing. In addition, Intel has released Lava, a software framework to build neuromorphic apps both on conventional and neuromorphic hardware.
-
Announcing Allstar, a GitHub App to Improve Open Source Security
Google recently announced Allstar, a GitHub app that enables continuous enforcement of security policies for a given organization or project repository. Allstar is Google’s contribution towards improving Open Source Software (OSS) security.
-
Armo Releases Kubescape K8s Security Testing Tool: Q&A with VP Jonathan Kaftzan
Armo announced the release of Kubescape last month, a tool for testing if a Kubernetes environment is secure according to the Kubernetes hardening guidance published by the National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency(CISA).
-
NSA and CISA Publish Kubernetes Hardening Guidance
The National Security Agency(NSA) in partnership with the Cybersecurity and Infrastructure Security Agency(CISA) recently published the Kubernetes Hardening Guidance, a technical report focused on securing Kubernetes environments. The report identifies the common areas of Kubernetes security risks: supply chain, malicious actors, and insider threats.
-
Cloud Providers Publish Ransomware Mitigation Strategies
In the last few weeks AWS, Azure and Google Cloud have posted articles and documentation with suggestions on ransomware mitigation techniques on the cloud, highlighting the main protections and recovery preparation actions.
-
AWS Introduces Backup Audit Manager for Compliance Requirements
Amazon recently announced the availability of AWS Backup Audit Manager, a new feature of AWS Backup to monitor the compliance status of backups and generate reports to meet business and regulatory requirements.
-
Microsoft Warns Customers about a Critical Vulnerability in Azure Cosmos DB
Azure Cosmos DB is a globally-distributed and fully-managed NoSQL database service. Recently, Microsoft warned thousands of its Cosmos DB customers of a vulnerability that exposes their data. A flaw in the service could grant a malicious actor access keys to steal, edit or delete sensitive data.
-
AWS Introduces Security Analytics Bootstrap to Perform Security Investigations
AWS recently announced Security Analytics Bootstrap, an open source framework to perform security investigations on AWS service logs using an Amazon Athena analysis environment.
-
Is CVE the Solution for Cloud Vulnerabilities?
At the recent Black Hat USA 2021, security experts from cloud infrastructure company Wiz argued that a CVE database for cloud vulnerabilities is needed, starting a debate in the cloud and cybersecurity communities.
-
AWS Announces Amazon EC2 M6i Instances Powered by Latest-Generation Intel Xeon Scalable Processors
Recently AWS announced the availability of the new general-purpose Amazon EC2 M6i instances. The new Amazon EC2 M6i instances deliver up to 15 percent more performance and a better price when compared to the fifth-generation instances and always-on memory encryption using Intel Total Memory Encryption (TME).
-
Google Releases Its Certificate Authority Service into General Availability
The Google Cloud Certificate Authority Service (CAS) is a scalable service for managing and deploying private certificates via automation and managing public key infrastructure (PKI). And last month, Google announced the general availability (GA) of this service.
-
Microsoft Announces Public Preview of Bastion Standard SKU
Azure Bastion is a fully-managed Platform as a Service (PaaS) solution providing customers a secure way to connect to a virtual machine using a browser and the Azure portal. Recently, the company announced the public preview of the second Stock Keeping-Unit (SKU) called Standard.
CONTENT IN THIS BOX PROVIDED BY OUR SPONSOR
Featured Content
Just-In-Time Access Requests for Your DevOps Workflow
Limit server access to on-call engineers and those working to fix the issue. Check out Teleport Access Request to learn more.
A Practical Guide to Secure SSH Access
Three practical approaches to securing SSH access. Learn more.
Security Incident Containment with Teleport Session and Identity Locking
What would you do when a security incident is detected? Learn More.
Access and Security Trade-Offs for DevSecOps Teams
How to stay secure while your team ships at scale. Trade-offs for DevSecOps teams without the tension. Download now.
