Security Experts:

long dotted


Facebook has asked major US banks to share customer data to allow it to develop new services on the social network's Messenger texting platform, a banking source told reporters. [Read More]
NetSpectre shows that Spectre Variant 1 attacks can be used to read arbitrary memory data remotely in a LAN or the cloud, but exfiltration is limited to 60 bits per hour [Read More]
Google on Wednesday took the wraps off a broad range of tools to help cloud customers secure access to resources and better protect data and applications. [Read More]
Vulnerabilities in Apache OpenWhisk could have been exploited by hackers to overwrite and execute code in IBM Cloud Functions. Patches released by both Apache and IBM [Read More]
Department of Defense (DoD) IT managers say the DoD needs to improve the use of cloud to maintain the military’s technical advantage and support mission success. [Read More]
Hackers gained access to Timehop systems in December 2017, but the breach was only discovered on July 4. The incident affects 21 million users [Read More]
Microsoft this week announced the public preview of new Azure tools that should help its customers eliminate easily guessable passwords from their environments. [Read More]
Updates released by Microsoft for Windows enable a feature that should prevent attacks involving the recently disclosed Variant 4 of the Spectre/Meltdown flaws [Read More]
IBM adds two new features to its MaaS360 with Watson unified endpoint management (UEM) product: Business Dashboards for Apps and Policy Recommendation Engine [Read More]
Researchers have devised an attack method called SEVered, which they say is capable of bypassing AMD’s Secure Encrypted Virtualization (SEV) and can be used to extract all memory contents of a virtual machine. [Read More]

FEATURES, INSIGHTS // Cloud Security

rss icon

John Maddison's picture
Analysis of a vendor’s underlying design and optimization approaches will enable you to select the solution that best meets your organization’s performance and budgetary requirements.
Ashley Arbuckle's picture
What can you do to mitigate the risk you may be inadvertently introducing to your public cloud deployments?
Scott Simkin's picture
Clunky security approaches, pieced together from multiple vendors, result in a fragmented security environment where IT teams must manually correlate data to implement actionable security protections.
Ashley Arbuckle's picture
While it’s easy to deploy new IT services, many of the security tools and processes that we’ve used in our networks and data centers will not work in public clouds.
Travis Greene's picture
Maintaining consistent security controls across the entire hybrid IT environment is growing increasingly complex as more cloud services are adopted.
Scott Simkin's picture
While it's not possible to put a physical firewall in the cloud, security professionals must apply the same rigor to secure the cloud as they would the network or the endpoint.
Marie Hattar's picture
Without visibility, your security teams are more likely to over or under invest in your company’s security infrastructure. That is a big risk to take.
Ting-Fang Yen's picture
With the commoditization of cloud computing in recent years, fraudsters and cybercriminals alike have started to take advantage of public cloud services and dedicated/virtual hosting to conduct attacks.
Ashley Arbuckle's picture
Just like getting off the couch and into shape can be overwhelming, the same can be true for transitioning to the public cloud.
Ashley Arbuckle's picture
With more leading-edge IT capabilities available only in the cloud, companies that can migrate more of their applications accordingly stand to gain even greater agility, scalability, and efficiencies required for business success.