Trend Cloud Security Blog – Cloud Computing Experts

Inside an APT: LuckyCat Redux

Posted by admin in Cloud Mar 30th, 2012 | Comments Off
We recently wrote a post on Cloud Security and APT Defense in which we discuss the nature of an Advanced Persistent Threat as well as a few tips on how to stay safe. Now we have a real-world example to learn from. Our researchers have put together some comprehensive analysis for LuckyCat Redux which includes a study and an infographic which compares LuckyCat with other well-known threats. Share/Bookmark read more

Where to store cloud encryption keys? Adhere to compliance guidance.

Posted by Jonathan Gershater in Cloud, Cloud-based Security, Privacy, Compliance and Identity, public cloud, Securing the Cloud, Security Mar 28th, 2012 | Comments Off
I recently read a blog post outlining how a customer should evaluate where they should store their encryption keys when encrypting data in the cloud. The post outlines the various options for storing keys and concludes, “Enterprises must assess their risk tolerance and audit requirements before they can select a solution that best meets their encryption key management needs.“ I completely agree with the post.  Risk tolerance assessments and adherence to audit standards  are essential elements of any quality data security program. I would argue though, that if the customer is following... read more

Cloud Security and APT defense – Identical Twins?

Posted by Andy Dancer in Cloud Mar 26th, 2012 | Comments Off
I recently presented on this topic at RSA and enough people, who didn’t managed to catch the presentation, asked what the link was between these two seemly unrelated areas, that I promised to write it up for a wider audience – here goes: Many people assume that the ‘Advanced’ in Advanced Persistent Threats means the use of some incredibly new sophisticated malware but typically that’s not the case.  Usually the ‘Advanced’ element is in the research effort and the social engineering to tip a specific target over the edge and get them to click though to a URL of the attackers choosing. ... read more

Consumerization of Clouds

Posted by Dave Asprey in Cloud Mar 2nd, 2012 | Comments Off
Throughout the last two years, there has been a tremendous amount of activity regarding two areas; The Consumerization of IT, and the Cloud. This includes tons of postings and articles published about each one as to their impact, unique value and issues to computing utilization. Now the question needs to be posed as to what may be the relationship between these, are they separate areas, or are they intertwined environments of the modern computing world. And if the case is that they are intertwined, how do we address the issues this brings up, both the good and the bad. My belief is that these are... read more