InfoQ Homepage Cloud Security Content on InfoQ
-
Apache Metron Graduates to Top-Level Project
Hortonworks and Apache announce graduation of Metron, a realtime big data security platform to top-level project at the ASF.
-
AWS Organizations Offers Centralized Policy-Based Account Management
After a three month preview since re:Invent 2016, Amazon Web Services has recently moved AWS Organizations to general availability. The new service allows to centrally manage multiple AWS accounts within a hierarchy of organizational units and attach service control policies with fine-grained access permissions. AWS Organizations also supersede the formerly separate consolidated billing feature.
-
Bitbucket Introduces Required Two-Factor Authentication and IP Whitelisting
Atlassian has announced two new features aimed to make Bitbucket more secure: IP whitelisting and required two-factor verification.
-
Cloudbleed - Cloudflare Proxies Memory Leak
A buffer overflow bug has caused a small number of requests to Cloudflare proxies to leak data from unrelated requests, including potentially sensitive data such as passwords and other secrets. The issue, which has been named ‘Cloudbleed’, was discovered by Google Project Zero vulnerability researcher Tavis Ormandy.
-
Google Expands Audit Logging Capability to Majority of Cloud Services
Tracking "who did what" in a self-service public cloud can be challenging. With Google Cloud Audit Logging, Google captures log streams for seventeen services in Google Cloud Platform (GCP) .
-
Running Docker Containers Securely in Production
Hardening Docker containers in production involves a combination of techniques including making them immutable, minimizing the attack surface and applying both standard Linux hardening procedures as well as ones that are specific to a container environment.
-
Amazon Announces AWS Shield for DDoS Protection
At the recent re:Invent 2016 event, Amazon announced a new service called AWS Shield, which provides customers with protection from Distributed Denial of Service (DDoS) attacks. This announcement comes just over a month after Amazon was impacted by a DDoS attack on a DNS provider that Amazon used, Dynamic Network Services (Dyn).
-
Stormpath's Java SDK 1.0 Released
This week Stormpath released version 1.0 of their user management and authentication Java SDK. Stormpath generally provides APIs for implementing authentication, authorization and user management in web and mobile applications, including open source implementations, targeting a range of languages and frameworks.
-
Microsoft Reaches New Milestone in Delivering Trusted Cloud Services
Microsoft recently announced an expansion of their Azure regions world-wide. The number of regions announced now sits at 30, with 22 being generally available (GA). The most recent wave, of Azure regions, focuses on trusted environments for government customers or regions with specific privacy needs.
-
New Security Capabilities Available in Azure Operations Management Suite
On February 25th, 2016 Microsoft announced updates to their Operations Management Suite (OMS). The updates, in this particular iteration of the service, are focused on the security and audit portions of the suite and target the user experience, additional capabilities and features.
-
Apple Defends Encryption with TV Interview, Files Counter Lawsuit
Apple has responded to questions raised about its stance with the FBI and CEO Tim Cook has appeared on live TV to defend Apple's stance. They have now filed a lawsuit to have the FBI's case dismissed. InfoQ updates you with the latest on the subject.
-
Remotely Exploitable GlibC DNS Bug Discovered
A recently discovered buffer overflow in the DNS resolution of GLibC, which has been present since 2008, has the potential to be remotely exploitable and crash a significant number of Linux applications. InfoQ investigates.
-
Secrets Management with Chef-Vault
Secret management is a difficult problem in a distributed and scalable environment. Chef-vault is a Chef tool built on top of encrypted data bags that eliminates the need to share the decryption key with all users and nodes of an infrastructure.
-
Keeping Your Secrets Safe in a Distributed and Scalable Environment
At the Velocity Conference in Amsterdam, Alex Shoof explained how to manage secrets in a scalable and distributed environment. Shoof proposed a system based on five fundamental principles for secret management.
-
Google Cloud Security Scanner reaches General Availability
On October 7, 2015 Google announced its App Engine security service, Google Cloud Security Scanner, has reached general availability. This past February, Google launched a beta version of this service.