Justin Foster in
Cloud-based Security, Threats from the Cloud
Jul 11th, 2013 |
Over the past four years, many things have changed in our Cloud Security Blog has been online – largely because of the evolution of the industry. No longer are we encountering “cloud confusion,” as a couple of our earlier blog posts on cloud-based security and threats from the cloud discussed.
The “Cloud” and security within it has evolved to the point where there are dozens of events, loads of resources and even a cloud security certification. Allow us to clear up the confusion of the wealth of information available for cloud security across the Web and around...
Justin Foster in
Cloud, Cloud-based Security
Jun 4th, 2013 |
The Cloud Security Alliance recently released a white paper on cloud computing vulnerability incidents spanning the last five years. They looked at more than 11 thousand news articles regarding cloud computing-related incidents to determine the top reasons behind outages. Did you know 64 percent of the outages can be attributed to one of three causes:
Insecure Interfaces & APIs
Data Loss & Leakage
If you are developing an application for the cloud or deploying software in the cloud, there is good news: There are some key ways to avoid the majority of outages.
Mark Nunnikhoven in
Mar 20th, 2013 |
So far in this series, Justin and I have provided tips for securing the foundations of your AWS deployment. Taken together, these tips work to reduce the overall attack surface—the area exposed to the outside world—of your application. Now it’s time to add the next layer of controls to you application, starting with a host-based intrusion prevention system or IPS.
At this point we’ve already disabled unused services on our instances and have blocked any unnecessary inbound ports using our firewalls. This is a fantastic start but it really only reduces the area we present...
Mark Nunnikhoven in
Mar 6th, 2013 |
Last week, Justin covered some of the high level issues around AMI development. This week, we’re going to take a look at how to protect the guest operating system running on your EC2 and VPC instances.
AWS had published quite a few papers around their services. AWS Security Best Practices [PDF] and AWS Risk and Compliance [PDF] stand out as excellent security resources. In the best practices paper, under the section “Secure your Application” (pg. 4), they make a few recommendations which boil down to:
use recommended secure settings for operating...
Dave Asprey in
Jan 7th, 2013 |
On a whirlwind tour of Asia, I spoke at several virtual and in-person conferences, including Cloudsec2012. I met with dozens of IT executives responsible for security for cloud infrastructures in Japan and Singapore as well as many other countries in the region. The tour gave me the opportunity to really dig in on cloud security in that area, enough so that I wrote a new report titled The State of Cloud Computing Security in Asia.
This report goes into detail on how the development of cloud computing is impacting the Asia-Pacific region. Specifically, we compare Japan, Australia, Singapore, Malaysia,...
Erica Benton in
Sep 19th, 2012 |
Upcoming Change to the Cloud Security Blog – the new Trend Micro consolidated Blog site
Starting today, Trend Micro is launching the Blog@ Trend Micro site, which will showcase the Cloud Security Blog, alongside all the other great content produced by the other teams here at Trend Micro. Each of the blogs will be a “conversation” under the main Trend Micro blog, making it easier for readers to access and participate in discussions across a range of topics.
Our dear readers can still count on receiving the same top-quality news, information, and commentary on the latest in cloud security...
Christine Drake in
Cloud, Cloud-based Security, SaaS, Security, Smart Protection Network, Threats
Jan 19th, 2012 |
When people talk about cloud security it can mean either 1) security for the cloud—security that protects your cloud initiatives, like protection for virtual machines or data stored in the cloud; or 2) security from the cloud such as Security as a Service that uses the cloud to deliver some aspect of protection, like hosted email or web security. Here, I’d like to focus on security from the cloud that’s delivered in a hybrid model—a cloud-client architecture.
Using the cloud for security can deliver faster threat protection and better security. Traditional security has relied on signature...
Christine Drake in
Cloud, Cloud-based Security, Consumerization of IT, Secure Data Centers, Securing the Cloud, Security, Smart Protection Network, Threats, Threats from the Cloud, VMware
Oct 7th, 2011 |
Traditionally businesses have focused their IT security on perimeter defense—blocking threats before they enter the network. This protection is still important. But with today’s cloud computing, mobile devices, and advanced persistent threats (APTs), businesses need security that protects their data wherever it travels and in whatever type of device it resides, requiring new data-centric security.
Earlier this week, Trend Micro held its annual insight event for the analyst community and announced our new vision on data-centric security (see video clips of the event here and here). Back...
Dave Asprey in
Cloud, Cloud-based Security, Securing the Cloud, Security
Jul 28th, 2011 |
The application-layer DDoS threat actually amplifies the risk to data center operators. That’s because IPS devices and firewalls become more vulnerable to the increased state demands of this emerging attack vector – making the devices themselves more susceptible to the attacks. Moreover, there is a distinct gap in the ability of existing edge-based solutions to leverage the cloud’s growing DDoS mitigation capacity, the service provider’s DDoS infrastructure or the dedicated DDoS mitigation capacity deployed upstream of the victim’s infrastructure.
Current solutions do not take advantage...
Patrick Wheeler in
Cloud, Cloud-based Security, Consumerization of IT, hybrid-cloud, Privacy, Compliance and Identity, private cloud, public cloud, SaaS, Securing the Cloud, Security, Threats, Virtualization
Jun 20th, 2011 |
For all its hype iCloud does not represent a fundamentally new problem. Employees are already bringing personal devices to work and wanting to use them in their jobs, and these unmanaged devices are mixing personal and corporate data on a system that is outside the control of the security and IT teams. There are already many apps and cloud-based services for sharing data between users and between devices (such as Dropbox), and these services are giving security pros fits. What is new is that iCloud will make these things happen automatically, and potentially without the intent or even awareness...