Security

NeuVector Launches New Approach to Continuous Docker Container Security

Grazed from NeuVector

NeuVector today announced the launch and immediate availability of a new approach to securing Docker containers. With constant behavioral learning automatically applied to security policies for containers, NeuVector secures containers where they have been most vulnerable: in production environments where they are constantly being deployed, updated, moved, and scaled across hosts and data centers. Companies with production Docker deployments (or who are evaluating container-based applications) can quickly test-drive NeuVector's answer to stronger and faster container security here.

NeuVector's solution for container security is itself a container. The application automatically learns and whitelists normal behavior to protect environments even as containers scale up and down. Through this built-in continuous application and network intelligence, NeuVector is providing application layer segmentation that completely isolates container traffic. Any abnormal connections can then be proactively and automatically detected and blocked before causing harm. NeuVector completes its solution with runtime vulnerability scanning across all running containers and hosts, and includes threat detection for attacks such as DDoS, DNS, and others.
 

Cloud Computing: Building your data castle - Protecting from ransomware and restoring data after a breach

Grazed from CloudTech. Author: David Trossell.

The data centre is the castle. You can pull up the drawbridge, fill up the moat, or pull down the portcullis. But at some point, you have to let data in and out, and this opens up the opportunity for ransomware attacks. No longer is it a matter of pride and peer recognition in the hacker community for circumnavigating and exposing the security of an organisation because it is now a fully-fledged industry in its own right with the use of ransomware.

That cybersecurity company Herjavec Group estimates to top a $1 Billon in 2016. In the past, those under siege used to flood the moats, pull up the drawbridges and drop the portcullis to protect themselves but with the modern data centre organisations life blood is the movement of data in and out of the data centre...

Cloud Computing: AWS Quietly Acquired Cybersecurity Firm Harvest.ai

Grazed from MSPMentor. Author: Chris Burt.

Amazon Web Services (AWS) acquired San Diego-based cybersecurity firm harvest.ai for a reported $19 million sometime in early 2016, investor Fred Wang has confirmed. Wang, a general partner with harvest.ai investor Trinity Ventures, declined to confirm the terms of the deal, but told GeekWire “it was a good win for the investors and for the management team.”

“The company works in an area called data-leakage prevention,” Wang said. “At one time a lot of companies got into it, but most of them didn’t get much traction. Harvest.ai automated looking at file-access patterns to detect which are normal and which are not.” It does this by using neural nets, natural-language processing, and other AI algorithms, and tracking data storage and access, and components, applications, and users on the network...

Cloud Computing: Preparing for a year of ‘unknown unknowns’ in cyber security

Grazed from CloudComputing. Author: Mike East.

Today’s threat landscape is constantly evolving. In 2016 in particular, we’ve seen a huge shift with adversaries penetrating organisations from the DNC to WADA and gaining access to sensitive documents that were later leaked to embarrass individuals. Yet, while many believe that this trend starts and ends with a contentious election, it’s not something that’s going away in 2017.

In fact, we’re starting to see continued and varied threats, most recently with DDoS attacks taking down the likes of the EU commission. Overall, the pace and variation of exploits driven by technically astute adversaries, will only gain momentum in the coming year if not managed effectively...

Read more from the source @ http://www.cloudcomputing-news.net/news/2016/dec/07/preparing-year-unknown-unknowns-cyber-security/

VMware Unveils Key Findings from Cloud Research on IT Management and Security

Grazed from VMware

VMware, Inc. today announced key findings from a cloud study conducted by Vanson Bourne on IT management. The study dove deeper into the topic explored by the recent VMware-sponsored survey by The Economist Intelligence Unit (EIU) and found that 69 percent of respondents to the Vanson Bourne survey agree that the management of IT has become increasingly decentralized in the past three years. Findings also revealed that IT isn't ready for this transition and it may be causing more harm to businesses than good, specifically around security, with 57 percent of respondents agreeing that decentralization has resulted in the purchasing of non-secure solutions.

Business models are being disrupted and digital transformation is critical in enabling organizations to remain innovative, competitive and agile. Cloud computing has been key to this transformation, but IT is struggling to keep up and so responsibility has shifted away from IT. Lines of business are now purchasing IT 'as a service' to drive innovation within their domains. With this decentralization comes both opportunities and challenges. While it could empower all business units to drive innovation and ease pressure on IT, it also creates numerous management, security and compliance issues.

Kaseya AuthAnvil Safeguards Microsoft Office 365 Customers

Grazed from Kaseya

Kaseya, the leading provider of complete IT management solutions for Managed Service Providers (MSPs) and small to midsized businesses (SMBs), today announced the immediate availability of the latest release of Kaseya AuthAnvil on-demand. Delivering a new level of security all within a single identity and access management (IAM) solution, the technology now provides easy single sign on (SSO), multifactor authentication (MFA) and automated user provisioning for Microsoft Office 365.

Microsoft Office 365 commercial subscriptions have ballooned in 2016, up 40 percent from the previous year to 85 million subscribers. As companies around the world continue to embrace the shift to the cloud, millions of Microsoft Office 365 corporate users now have access to Kaseya AuthAnvil's patented password management, MFA and SSO capabilities to further secure both employee and customer environments in the cloud.

A Storm Is Brewing: The Trouble of Malware in the Cloud

Grazed from HowStuffWorks. Author: Jonathan Strickland.

When I wrote a series of articles explaining How Cloud Computing Works several years ago, the phrase “cloud computing” — the practice of storing and processing data on remote servers that can be accessed online — was just starting to catch on. More people are familiar with the term today, though many still aren’t sure what it means. But for those concerned about the security of the cloud, a recent study could give us a glimpse into the future of detecting computer viruses and other malware.

First, the basics. Cloud computing isn’t that mysterious — it’s a relatively simple strategy. It involves networking computers, connecting the network to the internet and using those computers to provide services to people. Those services can be simple storage solutions, like an online photo album or filing system like Google Drive. Or they can involve leveraging the networked computers’ processors to do work a personal computer couldn’t handle. In any case, cloud computing can be summed up with the phrase “it’s all happening on someone else’s computer.”...

Shift towards cloud computing driving security in data centers

Grazed from DatacenterNews. Author: Shannon Williams.

Increased threats to stored information due to the rising number of cyber attacks is just one of many factors driving the data center security market, according to new figures from Grand View Research, which says the global market is expected to reach USD 15.49 billion by 2024. The report says data centers need to be safeguarded against attacks and manipulation at both physical and logical level, subsequently creating a need for a cumulative deployment of security infrastructure.

The increasing awareness about the need for security, growing demand from the data center users for an integrated infrastructure, increasing adoption of cloud computing and virtualisation, and threat to the stored information due to the rising number of cyber-attacks are expected to propel industry over the forecast period...

Cloud Computing: When Compliance Comes Down to Security

Grazed from CloudComputingExpo. Author: Fouad Khalil.

In the business world, it's hard to throw a rock without hitting a compliance requirement. All must be obeyed, but some call for a high level of control and auditability. Governing bodies are exerting their authority like never before, increasing the number of auditors and handing out heavy fines - sometimes as much as $1 million. This has become the new norm, and it isn't likely to turn around any time soon. It's important, then, to be aware of the primary threats that could undermine compliance efforts. The top three such issues are discussed below.

The Challenges of SOX

Public companies in the U.S. as well as foreign companies listed on U.S. exchanges are required by Sarbanes-Oxley (SOX) to assess their internal controls, have that assessment validated by an external auditor and report the assessment to the SEC. Information security professionals need to ensure that their organization complies with requirement in Section 302 and Section 404 of the legislation...

Read more from from the source @ http://www.cloudcomputingexpo.com/node/3900000

Security Teams Not Keeping Up With Exponential Cloud Server Growth

Grazed from TechWeek Europe. Author: Ben Sullivan.

No shift to the cloud comes without a conversation about security, and for attendees of the annual Black Hat security conference, one of the main issues about moving companies to cloud computing is seen to be the increase of the attackable surface area. Almost all of the respondents to a survey conducted by CloudPassage at the conference noted that when moving from traditional data centres to a cloud infrastructure environment, they increased the number of server workloads by a factor of two to 100 times.

‘Attackable surface area’

This, in turn, greatly increases their attackable surface area, and enterprises are worried. In fact, over three quarters of respondents said that security team hiring in the enterprise has not kept pace with this rate at which new server workloads are created, changed or retired in the cloud...