InfoQ Homepage Security Content on InfoQ

News

RSS Feed

Newer Older

Cloud

Virtual Machine Threat Detection in Google Security Command Center Now Generally Available

Google Cloud recently announced the general availability (GA) of Virtual Machine Threat Detection (VMTD) as a built-in service in Security Command Center Premium, which can detect if hackers attempt to mine cryptocurrency in a company's cloud environment.

Steef-Jan Wiggers
on Aug 29, 2022
Cloud

AWSGoat Open-Source Project for Pen Testing AWS Cloud Solutions

AWSGoat is a vulnerable-by-design infrastructure on AWS, featuring the latest released OWASP Top 10 web application security risks (2021) and other misconfiguration based on services such as IAM, S3, API Gateway, Lambda, EC2, and ECS. It mimics real-world infrastructure with additional flaws and uses a black-box approach, including multiple escalation paths.

Steef-Jan Wiggers
on Aug 25, 2022
Cloud

Google Cloud Blocks Largest Layer 7 DDoS Attack

Google claims to have recently fended off the largest ever HTTPS-based distributed denial of service attack, which peaked at 46 million requests per second. According to the cloud provider, the DDoS attack was quickly detected and stopped at the edge of Google’s network, and the customer was not impacted.

Renato Losio
on Aug 24, 2022
Cloud

New Microsoft Defender Products: Threat Intelligence and External Attack Surface Management

Microsoft recently announced two security products: Microsoft Defender Threat Intelligence and Microsoft Defender External Attack Surface Management. These new products are driven by their acquisition of RiskIQ just over a year ago.

Steef-Jan Wiggers
on Aug 17, 2022
Cloud

Amazon GuardDuty Introduces Malware Detection

At the recent re:Inforce security conference, AWS announced the availability of malware detection for Amazon GuardDuty. The new functionality of the managed threat detection service initiates a scan of the EBS volumes when it detects suspicious behavior indicative of malware on EC2 or containers.

Renato Losio
on Aug 14, 2022
Culture & Methods

Developing and Evolving SaaS Infrastructures for Enterprises

SaaS companies that are focused on the enterprise market need to evolve their infrastructure to meet the security, reliability, and other IT requirements of their customers. IT admins and large customers are two important sources of requirements to drive development.

Ben Linders
on Aug 04, 2022
Cloud

AWS Expands Amazon Detective for Kubernetes Workloads on Amazon EKS

Amazon Detective is a security service in AWS that allows customers to analyze, investigate, and quickly identify the root cause of potential security issues or suspicious activities. Recently, AWS announced the expansion of Amazon Detective towards Kubernetes workloads on Amazon’s Elastic Kubernetes Service.

Steef-Jan Wiggers
on Jul 30, 2022
Mobile

Android 13 Final Beta Improves Security and Privacy, and More

The latest beta of Android 13 is a final update that allows developers to make sure their apps are ready for the new Android release when it becomes available in a few weeks, says Google.

Sergio De Simone
on Jul 15, 2022
Cloud

Google Cloud Announces Advanced API Security through Apigee

Recently Google announced the public preview of Advanced API Security, a comprehensive set of API security capabilities built on Apigee, their API management platform. With the new capability, customers can detect security threats more efficiently.

Steef-Jan Wiggers
on Jul 12, 2022
Mobile

Apple Introduces Lockdown Mode to Secure Its OSes against Cyberattacks

The new Lockdown Mode announced by Apple, available now in the latest betas of iOS 16, iPadOS 16, and macOS Ventura, aims to provide a further level of protection to users at risk of highly targeted Cyberattacks.

Sergio De Simone
on Jul 07, 2022
AI, ML & Data Engineering

Google's BigQuery Introduces Column-Level Encryption Functions and Dynamic Masking of Information

Google recently released new features for its SaaS data warehouse BigQuery which include column level encryption functions and dynamic masking of information. Specifically, dynamic masking of information can be used for real-time transactions whereas column level encryption provides additional security for data at rest or in motion where real-time usability is not required.

Claudio Masolo
on Jul 07, 2022
DevOps

GitHub Enterprise Server 3.5 Improves Security, Updates GitHub Actions, and More

The latest release of GitHub Enterprise Server brings many new features with a special emphasis on security and compliance, says GitHub, including Dependabot integration, improved security features, updates to GitHub Actions, and more.

Sergio De Simone
on Jun 02, 2022
DevOps

Docker Launches Docker Extensions and Docker Desktop for Linux

At DockerCon 2022, Docker announced a way for developers to tap into Docker Desktop and extend its functionality using a new Extension SDK. Additionally, Docker Desktop is finally landing on Linux, providing the same experience available on macOS and Windows.

Sergio De Simone
on May 11, 2022
DevOps

Crypto Miners Exploiting VMware Vulnerability in the Wild

A critical vulnerability affecting VMware Workspace ONE Access and VMware Identity Manager allows malicious actors to remotely execute arbitrary code triggering a server-side template injection. According to VMware the vulnerability is actively exploited.

Sergio De Simone
on Apr 21, 2022
DevOps

Dockerfile Linter Hadolint Brings Fixes and Improvements, and Support for ARM64 Binaries

After a long wait, recent Hadolint releases have brought a number of fixes, improvements, and support for ARM64 binaries.

Sergio De Simone
on Apr 02, 2022

Newer News

Older News

InfoQ Software Architects' Newsletter

News