Welcome!


Latest Blogs from Cloud Security
Arista Networks, Inc. (NYSE: ANET), has announced financial results for its fourth quarter and year ended December 31, 2015. Revenue of $245.4 million, an increase of 41.5% compared to the fourth quarter of 2014, and an increase of 12.8% from the third quarter of 2015. Non-GAAP gross...
I came across this great article in CIO from Mary Branscombe, in which she discusses the perceived security concerns of moving fast with DevOps. She addresses the concerns people feel towards the speed of rapid releases, automation, and continuous integration and deployment, all of whi...
Trend Micro International has announced the close of an agreement to acquire TippingPoint from Hewlett Packard Enterprise (HPE). Trend Micro TippingPoint solutions are immediately available to bring customers comprehensive threat intelligence and protection for current and zero-day vul...
Private, public or hybrid cloud? This is the question that is being asked by C-level executives and IT professionals across the globe, as each enterprise continues to mature its cloud strategy and rethink the earlier role of cloud and whether to move away from an all public or private ...
Virtusa Corporation has been named an Aspirant on Everest Group’s recent report: HealthcarePayer Big Data and Analytics IT Services – Service Provider Landscape with PEAK Matrix™ Assessment 2015. In this report, Everest Group analyzed the capabilities of 18 IT service providers specif...
There are always threats out there on the big bad internet. The majority of breaches happen at the application layer and many OWASP Top 10s like SQL injection are still malicious favorites to gain entry. Add to that the availability of DDoS tools, anonymous proxies and the rise of hack...
This week we came across an interesting phishing campaign. Users receive a file named “paymentxxx.pdf.” The file is a recently created PDF v1.5 made with Microsoft Word 2007, which can be opened by any PDF reader—Adobe or any other. The PDF is a single-page document and contains a hype...
Thanks to the professional, virtuous work of security researchers Chris Valasek and Charlie Miller and some fantastic reporting on this research by Andy Greenberg of Wired Magazine, we have long known that theoretical hacks against cars are no longer theoretical. They are real. Many co...
Radware has announced that TeraGo Networks has chosen Radware’s DDoS Attack Mitigation solution to power their new suite of security services. Headquartered in Ontario, Canada, TeraGo Networks owns and manages a national IP network, providing service to 46 major markets across Canada....
SYS-CON Events announced today that LeaseWeb USA Inc., one of the world's largest hosting brands, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. LeaseWeb USA has announced that its platform ...
In December 1998 when transitioning into a job doing intelligence support to DoD computer network defense, one of my mentors reminded me of a Reagan-era publication that helped the public better understand the Soviet threat called "Soviet Military Power." This document was based on th...
Recently I changed some of my passwords. Some due to typical rotation time and a couple due to potential breaches and encouragement from the affected site. No, I’m not going to tell you which ones or how I go about it but I noticed that it took about 3 days for my fingers to key the co...
In the 1946 classic ‘Hair Raising Hare,’ Bugs Bunny asks, ‘Have you ever have the feeling you were being watched? Like the eyes of strange things are upon you?’ Like Bugs often did, he breaks the fourth wall and involves the audience directly, invoking a feeling that someone is looking...
This post provides an update on the ongoing battle between Apple and the U.S. government regarding Syed Rizwan Farook's iPhone, recovered by police after the horrific massacre in San Bernadino on December 2, 2015. It is just days before the March 22, 2016 hearing in this long-running...
In part one of this series, "Rugged DevOps: Survival is Not Mandatory", I shared news that 1 in 16 open source and third-party components downloaded last year included a known vulnerability. That may not seem like too many until you realize the average company downloads well over 200,...
SYS-CON Events announced today that VAI, a leading ERP software provider, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. VAI (Vormittag Associates, Inc.) has announced that users of its S2K ...
SYS-CON Events announced today that (ISC)²® ("ISC-squared") will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. (ISC)²® and KPMG LLP have announced they will survey federal cybersecurity executiv...
Hybrid cloud is rapidly becoming essential to today’s information technology processes. This is why hybrid cloud risk management has become the keystone to many modern corporate strategies. To effectively manage this shift, leading enterprises are reorganizing how the business side of ...
SYS-CON Events announced today that Alert Logic, Inc., the leading provider of Security-as-a-Service solutions for the cloud, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Alert Logic has a...
Modern threat defense presents many new challenges to enterprises, resulting from the sophisticated threat techniques, new threat actors like organized cybercrime groups and nation states, and the ever-evolving IT infrastructure. Advanced malware threats are fundamentally different fro...
DevOps simply represents the better fusion of the usually quite distinct departments of software engineering and IT operations. The goal is faster and safer rates of software innovation. A simple objective but a troublesome one in reality – As many experts explain the core issue is th...
How well do you know your code? It sounds like a strange question, but please indulge me. Maybe you're a manager or business analyst. If this is the case, you ‘know' the code through a translation layer in which the developers in your organization explain what it does. Sometimes ...
OneCloud Systems provides managed services for the cloud including 24/7 monitoring, server and database setup, administration, and website migration. Launched by senior architects, developers and system administrators, OneCloud Systems enables customers to tap into the full value of th...
I am sure you are aware, the business computing environment is evolving. From all of us and the multitude of devices we now carry and interact with, along with the various ways we access information…to all of the applications and the interdependency among those applications that we req...
There once was a time when organizations wouldn’t consider deploying critical applications in the cloud. It was too much of a business risk from both an access and an attack perspective—and for good reason, since 28 percent of enterprises have experienced more security breaches in the ...
For more than 10 years, the rapid rise of cloud computing has enabled an even more rapid application of cloud to genomic medicine. In fact, since the U.S. National Institutes of Health (NIH) lifted a 2007 ban on uploading their genomic data into cloud storage, the explosion in cloud us...
We’re doing something a little different this year at #RSA with a Security Octagon. Everyone loves a good debate and in the security community discussions pop up constantly around a myriad of topics at any given point – with individuals or groups in the community taking opposing sides ...
The battle lines are clear: the FBI is using the courts to try to force Apple to write malware that will provide a backdoor into the iPhone the Feds recovered at the recent San Bernardino terrorist shootings – but Apple is fighting the order tooth and nail, as such malware would weaken...
We protect our homes with a single front door (generally speaking) don’t we? Should our approach to cyber security be any different? Shouldn’t we be able to look to one single security layer for protection? Given the proliferation and diversity of malware, viruses, hacks, phishing, on...
The Internet of Things (IoT) is growing at a rapid pace with millions of new devices getting connected every day. Gartner forecasts that 6.4 billion connected things will be in use in 2016 and by 2020, the number will reach 20.8 billion. Billions of devices including smartphones, lapt...
In a recent market study offering by Transparency Market Research (TMR), the global cloud security market is projected to grow at a CAGR of 12.80% from 2015 to 2022. The report, titled "Cloud Security Market - Global Industry Analysis, Size, Share, Growth, Trends and Forecast 2014 - 20...
Earlier this week it was reported that researchers at Boston-based security company, Rapid7, identified several security flaws in an app connected to a new toy from Mattel's Fisher-Price brand. The news of the security vulnerability caught our attention for a few reasons: The name of...
Time for a blog about personal privacy, before we all have forgotten about the concept. The Circle is both the title of an 2009 album by Bon Jovi as a 2013 novel by Dave Eggers. A novel relevant for a cloud blog because it describes a future in which one company (the Circle) largely co...
The start of a new year is always a good time for many businesses to get their IT strategies in place. However, there has been one issue in the past couple of months that may potentially cause a lot of complications in IT departments across the US and EU; the implications for cloud com...
No seriously, I mean it. There are serious correlations and similarities between smuggling alcohol and piracy in any form, whether it’s the real life bad guys on ghost ships in the seas or digital pirates who download stuff off the internet thinking it’s all free stuff while some artis...
As 2016 has arrived, we reflect upon one of the most debated issues around DevOps in 2015 – Information Security (InfoSec) and compliance. Needless to say, both are critical to an enterprise (especially given past examples of data breaches and looming cybersecurity threats). As a resul...
Imagine if Ben Grimm, aka The Thing, didn’t have such distinctive characteristics like an orange rocky body, blue eyes or his battle cry, ‘It’s Clobberin’ Time!’ and had to provide a photo ID and password to prove he was a founding member of the Fantastic Four. Or if the alien in John ...
I recently caught up with a former co-worker who now runs an information security program for a well-known retailer. While discussing new advances in cloud security and technology, he mentioned that his company had met with a provider that presented him with a mind-numbing number of de...
You can’t seem to have a conversation about cloud technology and its impact on the business without the topic of Shadow IT coming up. The two concepts at times seem so tightly intertwined, one would think there is a certain inevitability, almost a causal linkage between them. Shadow IT...
Contextual Analytics of various threat data provides a deeper understanding of a given threat and enables identification of unknown threat vectors. In his session at @ThingsExpo, David Dufour, Head of Security Architecture, IoT, Webroot, Inc., discussed how through the use of Big Dat...