Software Integrity Blog

Archive for the 'Cloud Security' Category

 

CORD Project: Driving network solutions with open source

The CORD® platform uses leading-edge SDN, NFV, and cloud technologies to build nimble inline data centers at the edge of operator networks. Learn more.

Continue Reading...

Posted in Cloud Security, Open Source Security | Comments Off on CORD Project: Driving network solutions with open source

 

With comparisons to Heartbleed, Cloudbleed may affect millions

The new Cloudbleed vulnerability, like Heartbleed, was discovered through routine fuzz testing and may affect 5.5 million websites and millions of users.

Continue Reading...

Posted in Cloud Security, Fuzz Testing | Comments Off on With comparisons to Heartbleed, Cloudbleed may affect millions

 

5 security industry buzzwords we love to hate

Computing security is an interesting space. One of the main aspects that makes it interesting is that there are many security terms that are ambiguous. With some words, we have no idea why we’ve come to use them! While these buzzwords aren’t going away any time soon, here is a list of buzzwords that most of the security industry loves to hate: 100% Secure Your security is only as good as your weakest link. It’s obvious to the current security world that there is no such thing as 100% secure. However, some organizations guarantee on their website that they are indeed 100% secure. This may seem like a good marketing strategy to attract customers who may not know much about security. It’s also asking for trouble when security professionals notice a claim like this. It is best to steer clear of this term. Hacker When we think of a hacker by that name, a criminal computer nerd comes to mind. You know, the dark shadowy figure in a hoodie that’s sitting behind a fancy laptop. The same figure who steals bank account details with the intention of reeking high-tech havoc.

Continue Reading...

Posted in Cloud Security | Comments Off on 5 security industry buzzwords we love to hate

 

Examining containerization security challenges and solutions

Containerization is a relatively new way to host and deploy applications in comparison to the traditional hardware-based deployment or VM-based virtualization. It’s fast, cost effective, and efficient. But is it secure?

Continue Reading...

Posted in Cloud Security | Comments Off on Examining containerization security challenges and solutions

 

Cloud-based application security testing challenges and tips

Cloud computing has influenced IT delivery services (including storage, computing, deployment, and management) with the maturity of automation and virtualization technologies. With these maturing technologies, a major obstacle in the adoption of cloud computing is security. Cloud security testing, as a relatively new service model, allows IT security testing service providers to perform on-demand application security testing in the cloud. This allows organizations to control costs while maintaining secure applications. Thus, the objective of cloud-based applications security testing is to enable these service providers to leverage cloud technologies and solutions in a secure manner.

Continue Reading...

Posted in Cloud Security | Comments Off on Cloud-based application security testing challenges and tips

 

Hacking medical devices: 5 ways to inoculate yourself from attacks

A terrorist hacks into the US Vice President’s pacemaker to murder him. It happened on the Showtime series Homeland, but could it happen in real life? Most security experts agree that such a scenario is highly unlikely or even downright impossible. However, that doesn’t mean you should ignore the real security risks that medical devices and systems introduce. They may not be as extreme as Hollywood portrayals, but security vulnerabilities and data breaches in medical devices and systems can put patient safety at risk and expose healthcare companies to data-disclosure and HIPAA regulatory risks.

Continue Reading...

Posted in Cloud Security, Healthcare Security, Internet of Things, Medical Device Security | Comments Off on Hacking medical devices: 5 ways to inoculate yourself from attacks

 

Embracing the security benefits of the cloud infrastructure

The original version of this post was published on SecurityWeek.

Continue Reading...

Posted in Cloud Security | Comments Off on Embracing the security benefits of the cloud infrastructure

 

The IoT sky is falling: How being connected makes us insecure

The original version of this post was published on SecurityWeek.

Continue Reading...

Posted in Cloud Security, Internet of Things | Comments Off on The IoT sky is falling: How being connected makes us insecure

 

Learn to secure a cloud application in a single day

How can cloud applications build security in? This question may seem almost as limitless as the cloud itself. To get some answers, we sat down with John Roberts, Senior Security Consultant and resident Amazon Web Services (AWS) expert, to discuss Synopsys’ newest training opportunity.

Continue Reading...

Posted in Agile, CI/CD & DevOps, Cloud Security, Security Training | Comments Off on Learn to secure a cloud application in a single day

 

5 essentials of cloud-based application security testing

If the applications can move to cloud, why can’t security testing?

Continue Reading...

Posted in Cloud Security | Comments Off on 5 essentials of cloud-based application security testing