Software-as-a-Service Rules the Cloud
Half of the IT professionals surveyed who use cloud services also employ infrastructure-as-a-service and platform-as-a-service.
Stay updated with the latest trends and security protocols in cloud computing. Navigate the evolving landscape of Cloud Information Security with us.
Search across headline titles and summaries.
Background for this topic.
Cloud computing involves delivering computing services—such as storage, processing, and networking—over the internet using remote data centers. This model enables organizations to scale resources dynamically without owning physical infrastructure. In security terms, the cloud environment is defined by multi-tenant infrastructure where multiple customers share hardware and software resources managed by a cloud provider.
Key security concerns include controlling access through strong identity and access management (IAM), protecting data with encryption both at rest and in transit, and managing vulnerabilities in shared infrastructure components. The cloud’s shared responsibility model requires customers to secure their applications and data while providers secure the underlying platform. Misconfigurations, weak access controls, and insufficient monitoring can expose cloud assets to unauthorized access or data leakage, making precise configuration and continuous security assessment essential.
Half of the IT professionals surveyed who use cloud services also employ infrastructure-as-a-service and platform-as-a-service.
Security researchers have discovered the first malware specifically developed to target Amazon Web Services (AWS) Lambda cloud environments with cryptominers. [...]
Bundled version of Node.js simplifies executing downloaded code Adobe Creative Cloud Experience, a service installed via the Creative Cloud installer for Windows, includes a Node.js executable that's useable as part of an attack chain.…
Enables network equipment manufacturers to validate devices in distributed cloud networks.
Self-service cloud SIEM comes in free and paid editions.
VMware has released security updates to patch eight vulnerabilities spanning its products, some of which could be exploited to launch remote code execution attacks
Trend Micro was named a strong performer in the Forrester Wave™: Cloud Workload Security, Q1 2022, achieving the highest possible score in the market presence category. That said, Trend Micro Cloud One secures far more than workloads and containers.
We provide a guide to detecting Dirty Pipe, a Linux kernel vulnerability tracked as CVE-2022-0847.
Nudge Security plans a general launch of its cloud-based service later this year.
Microsoft said that it's currently tracking a "low volume of exploit attempts" targeting the critical Spring4Shell (aka SpringShell) remote code execution (RCE) vulnerability across its cloud services. [...]
Microsoft has revealed that Window 365, the company's virtualized desktop service, will get support for new features to make it easier to use log into and work with Cloud PCs from any device. [...]
Our Vectra Masked CISO series tackles some of the biggest issues in security and how to overcome them Advertorial Security must be tried, tested, and tested again. It’s become easier than ever for cybercriminals to find stealthy new ways to gain access to and navigate laterally across systems, exploit gaps in hybrid workflows, or hijack cloud accounts to gain access to a target. It is vital that every CISO can offer a clear picture of how their security is really holding up against the latest tactics, techniques, and procedures. However, all too often I’ve seen my fellow CISOs fall into a cycle of preparing annual penetration tests of point systems to be “compliant,” which in fact only makes them sitting ducks just waiting for a breach to occur.…
Company launches cloud delivered, Zero Trust Network Access solution that protects all apps, data and devices, enabling secure work from anywhere.
VMWare has published a security advisory for the critical remote code execution vulnerability known as Spring4Shell, which impacts multiple of its cloud computing and virtualization products. [...]
With a properly functioning cybersecurity mesh architecture, one can guarantee safe, authorized access to data from any access point.