AWS

7 Container Security Best Practices For Better Apps

Posted on by Admin
7 Container Security Best Practices For Better Apps

Write clean code In 2020, Digital Shadow scanned more than 150 million entities from GitHub, GitLab, and Pastebin and found 800,000 access keys and secrets. 40% of these were for database stores—38% for CSPs such as Google, Microsoft Azure, and AWS. Yikes. It goes without saying (but I’m saying it anyways) you cannot afford to have your secrets exposed. To keep your secrets secret, avoid writing secrets into the code or in a config file…

Read More

Cryptojacking Attacks Target Alibaba ECS Instances

Posted on by Admin
Cryptojacking Attacks Target Alibaba ECS Instances

Cryptojacking Attacks Target Alibaba ECS Instances Workload Security Discover how some malicious groups disable features in Alibaba Cloud ECS instances for illicit mining of Monero. By: Alfredo de Oliveira February 04, 2022 Read time:  ( words) Cryptojacking attacks continue to increase. Unlike ransomware, cryptojacking cybercriminals make their money staying silent and undetected, leeching the computer power from their target to mine valuable cryptocurrency. Cryptomining can cause serious downtime for developers by draining the enterprise’s processing…

Read More

IaC: Azure Resource Manager Templates vs. Terraform

Posted on by Admin
IaC: Azure Resource Manager Templates vs. Terraform

Infrastructure as code (IaC) is the process of configuring infrastructure through code instead of manually. A manual process requires operators and system administrators to configure any changes to the infrastructure. Using IaC, DevOps teams can store the infrastructure configuration code and application code in a centralized repository. IaC ensures consistent and more secure deployment. By avoiding error-prone manual configuration and deployment, security standards and policies are easier to maintain. And, DevOps engineers can improve scalability…

Read More

Microservice Security: How to Proactively Protect Apps

Posted on by Admin
Microservice Security: How to Proactively Protect Apps

Microservice Security: How to Proactively Protect Apps Serverless Security Microservices are growing in popularity—how can development teams embed seamless security into the entire pipeline? Fernando Cardoso, solutions architect at Trend Micro, breaks it down for you. By: Melanie Tafelski, Fernando Cardoso January 19, 2022 Read time:  ( words) Microservices Overview As many organizations moved to serverless functions to maximize agility and performance in the cloud, microservices became the new go-to design architecture for modern web…

Read More

Apache Log4j: Mitigation for DevOps

Posted on by Admin
Apache Log4j: Mitigation for DevOps

Apache Log4j: Mitigation for DevOps Cloud Native What can DevOps teams do to mitigate Apache Log4j risks? Explore how to secure your apps for today and against future vulnerabilities. By: Melanie Tafelski January 05, 2022 Read time:  ( words) What is Apache Log4j? You’ve most likely heard of the critical flaw CVE-2021-44228, discovered in the popular Java-based library, Apache Log4j. Nicknamed Log4Shell, it impacts numerous Apache projects, including Druid, Dubbo, Flink, Flume, Hadoop, Kafka, Solr, Spark,…

Read More

Top 10 AWS Security Misconfiguration

Posted on by Admin
Top 10 AWS Security Misconfiguration

Swift cloud adoptions spurred on by the global pandemic has led to oversights, errors, or ill-informed cloud service configuration choices (commonly referred to misconfigurations). You may have heard that securing the cloud can be complex, but something as “simple” to stop as a misconfiguration can ultimately lead to the unintended exposure of mission-critical information and assets. Major cosmetic retailer, Estee Lauder, experienced a major breach due to a misconfiguration, resulting in more than 440 million…

Read More

New SDDC Linking capability for VMware Cloud on AWS

Posted on by Asad Yaseen
New SDDC Linking capability for VMware Cloud on AWS

Original blog posted on November 3rd, 2020. Want a simpler way to manage all vCenter Servers … The post New SDDC Linking capability for VMware Cloud on AWS appeared first on VMware Cloud Community. Source link

Read More
1 3 4 5