Information Security newsfeeds from around the world in English and French. Find it all in one place since 2004. You'll find online the last 5 years.
Last month, we covered how Tripwire Configuration Manager can audit your cloud service provider accounts like AWS, Azure, GCP, and other cloud-based services such as Salesforce. In this blog, we will continue our dive into cloud services and show how Tripwire Configuration Manager can monitor your Zoom environments. Zoom is a popular video telecommunications platform that […]
Continue ReadingYou may already know that Tripwire Configuration Manager can audit your cloud service provider accounts like AWS, Azure, and Google Cloud Platform, but did you know it also has capabilities to monitor other cloud based software services such as Salesforce? Salesforce is a popular customer relationship management (CRM) service with rich configuration options that could […]
Continue ReadingTripwire Configuration Manager is an easy-to-use service that allows you to monitor and enforce secure configuration policies across your multi-cloud environment. The Configuration Manager free trial allows users to experience the user interface and evaluate platform capabilities for 30 days using either Tripwire demo data or your own customer data. This blog will walk through […]
Continue ReadingDetermining the security posture for an increasing quantity of cloud accounts and services used by many organizations can feel overwhelming, but Tripwire Configuration Manager can help you find, fix, and even enforce settings for common security problems in cloud services. In this blog, we will show how the simple steps required to have Tripwire Configuration Manager […]
Continue ReadingResponding to the all too familiar news of compromised Amazon cloud storage, security researchers have begun leaving “friendly warnings” on AWS S3 accounts with exposed data or incorrect permissions. The misconfiguration of access control on AWS storage “buckets” has been behind numerous high profile data breaches, including Verizon, The Pentagon, Uber and FedEx. Researchers have begun taking security notification into their own […]
Continue ReadingThere’s a common misconception that cloud providers handle security, a relic leftover from hosting providers of previous decades. The truth is, cloud providers use a shared responsibility model, leaving a lot of security up to the customer. Stories of AWS compromise are widespread, with attackers often costing organizations many thousands of dollars in damages. Luckily, The Center […]
Continue ReadingIf you are embracing DevOps, cloud and containers, you may be at risk if you’re not keeping your security methodologies up to date with these new technologies. New security techniques are required in order to keep up with current technology trends, and the Center for Internet Security (CIS) provides free cybersecurity best practices for many newer platforms. The CIS […]
Continue ReadingData breaches are becoming increasingly common, and one factor driving this escalation is the fact that today’s IT systems are integrated and interconnected, requiring login information from multiple parties and services. In response, Amazon Web Services has newly launched the AWS Secrets Manager, a service designed to help organizations get a handle on these “secrets” by […]
Continue ReadingIn a previous blog, I discussed securing AWS management configurations by combating six common threats with a focus on using both the Center for Internet Security (CIS) Amazon Web Services Foundations benchmark policy along with general security best practices. Now I’d like to do the same thing for Microsoft Azure. I had the privilege of being involved […]
Continue ReadingWe’ve previously discussed best practices for securing Microsoft Azure and Amazon Web Services but, this time, we are going to turn our attention to Google Cloud Platform. Google Cloud Platform (GCP) is growing at an impressive 83 percent year over year but generally receives less focus than AWS and Azure. We can use some of our best practice cloud security knowledge to outline some fundamental […]
Continue Reading