Software Integrity Blog

Archive for the 'Cloud Security' Category

 

[Webinar] Securing enterprise-level cloud deployments

In our on-demand webinar with Kinnaird McQuade (Synopsys), you’ll learn about essential cloud security practices and how to secure cloud deployments at the enterprise level.

Continue Reading...

Posted in Cloud Security, General, Webinars | Comments Off on [Webinar] Securing enterprise-level cloud deployments

 

[Webinar] Cloud DevSecOps with Synopsys and AWS

In our on-demand webinar with Binoy Das (AWS) and Dave Meurer (Synopsys), you’ll learn how to manage security in your cloud DevSecOps processes with automation.

Continue Reading...

Posted in Agile, CI/CD & DevOps, Cloud Security, Webinars | Comments Off on [Webinar] Cloud DevSecOps with Synopsys and AWS

 

How to integrate cloud security into your SSI

Every organization that develops or integrates software needs a software security initiative (SSI)—that has been true for years. Security is, or ought to be, as important as function and features.

Continue Reading...

Posted in Cloud Security | Comments Off on How to integrate cloud security into your SSI

 

How and why business is migrating to the cloud

Most businesses either have a cloud migration strategy or have already moved. Cloud is simply better than on-premises—and not just because of lower costs.

Continue Reading...

Posted in Cloud Security | Comments Off on How and why business is migrating to the cloud

 

Survey: Data management is an afterthought in cloud migration

Failing to plan for cloud data migration challenges can result in data loss, breaches, and noncompliance, which increase costs and damage brand reputation.

Continue Reading...

Posted in Cloud Security | Comments Off on Survey: Data management is an afterthought in cloud migration

 

How does the TeenSafe data leak present a classic false sense of security?

Security researcher Robert Wiggins recently uncovered a serious security issue in the TeenSafe “secure” monitoring product for Android and iOS platforms.

Continue Reading...

Posted in Cloud Security, Data Breach, Software Architecture and Design | Comments Off on How does the TeenSafe data leak present a classic false sense of security?

 

How can SMBs maximize AppSec returns on an SMB budget?

Small and medium-size businesses (SMBs) are nonsubsidiary, independent firms that employ fewer than a given number of employees. This number varies from country to country: Gartner defines an SMB as having fewer than 1,000 employees, but the European Union defines an SMB as having fewer than 250 employees. Managing an SMB budget Many factors affect the management of any budget. For an SMB, these factors include (but aren’t limited to) these:

Continue Reading...

Posted in Cloud Security, Data Breach, Static Analysis (SAST) | Comments Off on How can SMBs maximize AppSec returns on an SMB budget?

 

7 things to consider when transitioning your applications to the cloud

Here are 7 key considerations to securely transition your apps to the cloud: cloud configuration, IAM, microservices, automation, microsegmentation, APIs, and DevSecOps. Written in coordination with Ugochukwu Enyioha.

Continue Reading...

Posted in Agile, CI/CD & DevOps, Cloud Security | Comments Off on 7 things to consider when transitioning your applications to the cloud

 

The 4 most important secure development disciplines

Being the most innovative and successful cloud monitoring company on the market, developing new features to production every day, it’s not only crucial to deliver the best user experience, performance and high reliability, but also guarantee the highest SECURITY for our customers.

Continue Reading...

Posted in Agile, CI/CD & DevOps, Cloud Security, Static Analysis (SAST), Web Application Security | Comments Off on The 4 most important secure development disciplines

 

A primer on protecting keys and secrets in Microsoft Azure

Supporting data confidentiality, including encryption keys and certificates, is a critical task. In cloud-hosted workloads, the requirements are even more complex as different actors need to mediate access to sensitive material. According to the Ponemon Institute’s 2015 Cost of Failed Trust Report, “Security professionals believe that, over the next two years, the risk facing every Global 5000 from attacks on keys and certificates is at least $53M.” The report also notes that “54 percent of organizations admit to not knowing where all keys and certificates are located, which means they do not understand how they are being used or what should be trusted.”

Continue Reading...

Posted in Cloud Security | Comments Off on A primer on protecting keys and secrets in Microsoft Azure