InfoQ Homepage Cloud Security Content on InfoQ
-
Amazon EC2 Supports NitroTPM and UEFI Secure Boot
AWS recently announced the general availability of the UEFI Secure Boot and of NitroTPM, a virtual TPM module for EC2 instances based on the AWS Nitro System. The new features are designed for boot-process validation, key protection and digital rights management.
-
Microsoft Rebrands its Data Governance Service to Microsoft Purview
Recently, Microsoft announced Microsoft Purview, a new product branding bringing together the Azure Purview data governance service with various Microsoft 365 compliance solutions.
-
Veracode Report Shows Signs of Progress in Securing Software Supply Chain
Veracode's recently released State of Software Security report found a general decline in the number of known security vulnerabilities found in third-party libraries along with a trend towards smaller applications being scanned more regularly for issues. It also finds that the industry still has a long way to go.
-
AWS Firewall Manager Supports Palo Alto Networks Cloud Next Generation Firewalls
AWS recently announced that Firewall Manager supports Palo Alto Networks Cloud Next Generation Firewalls (NGFW). Palo Alto Networks partnered with the cloud provider to offer a managed firewall service designed to simplify securing AWS deployments.
-
Google Cloud Introduces Community Security Analytics
Google Cloud recently released Community Security Analytics (CSA), a set of open-sourced queries and rules for security analytics designed to help detect common cloud-based threats.
-
AWS WAF Introduces Fraud Control - Account Takeover Prevention
Amazon recently introduced Fraud Control - Account Takeover Prevention, a new feature of AWS Web Application Firewall to protect login pages at network edge.
-
AWS Introduces Managed Prefix List for CloudFront
AWS recently announced the availability of the AWS managed prefix list for CloudFront. Customers can now limit inbound HTTP/HTTPS traffic to a VPC and an application from only IP addresses that belong to CloudFront’s origin-facing servers.
-
Report Finds 75% of Cloud Runtimes Contain High or Critical Vulnerabilities
Sysdig’s latest cloud-native and security-usage report finds that shipping containers with vulnerabilities has become standard practice - with the report finding that 75% of containers have high severity vulnerabilities which could have been patched. The report stresses that many organisations find this to be an acceptable risk, in order to move and release quickly.
-
Runtime Security Project Falco Adds Extensible Plugin Framework
Falco, a cloud-native runtime security project, has released version 0.31.0. This release introduces a new plugin system for defining additional event sources and event extractors to Falco. The plugin system includes SDKs to simplify development and this release ships with a new AWS CloudTrail plugin.
-
Microsoft Releases Azure Payment HSM in Public Preview for the Payment Card Industry
Recently, Microsoft announced the public preview of a bare-metal infrastructure as a service (IaaS) Azure Payment HSM that provides cryptographic key operations for real-time payment transactions in Azure. It uses the Thales payShield 10K payment HSMs, which delivers a suite of payment security functionality proven in critical environments.
-
Aqua Security Reports Large Increase in Supply Chain Attacks
Aqua Security's recent report highlights the increasing threat of supply chain attacks. According to the report, supply chain attacks grew by 300% from 2020 to 2021 while the level of security across software development environments remained low. Google and the CNCF have recently released papers detailing approaches to improving the security of the supply chain.
-
Amazon GuardDuty Adds Detection of EC2 Credential Usage from Other AWS Accounts
Amazon GuardDuty recently added the detection of EC2 instance credentials being used by other AWS accounts. This improves upon the previous state where only credentials being used by IP addresses outside of the AWS network were reported on. This new detection is available within all regions.
-
Cloudflare Report Highlights Staggering Increase in DDoS Attacks in Q4 2021
In keeping with its custom of releasing a quarterly trends report on DDoS attacks, Cloudflare has just published its new findings for Q4 2021, which show a 95% increase in L3/4 DDoS attacks and record-breaking levels of Ransom DDoS attacks.
-
Google Cloud Embraces Security Orchestration through Siemplify Acquisition
Google has announced the acquisition of security orchestration, automation, and response (SOAR) provider Siemplify, with the aim of integrating SOAR capabilities into its own Google Chronicle security solution.
-
Incorrect IAM Policy Raised Questions about AWS Access to S3 Data
An unexpected change in the policy used by AWS Support raised concerns about access to customers' S3 data. The cloud provider reverted the change, stating that the permissions were not and could not be used and published a security bulletin. Security experts suggest steps to detect and prevent similar issues in the future.