AI/ML Basics Simply defined, Artificial Intelligence (AI) is a field of Computer Science where Systems are taught and can simulate intelligent and/or predictive behavior and/or activities using programs and technology. Machine Learning (ML) is a subspecialty of AI by which a computer improves its own performance by continuously incorporating new data into its statistical model. An Artificial Neural…
QuickGuide: Security on OCI
OCI’s native capability to obtain packet capture and monitor flow data between components Each compute instance in a VCN has one or more Virtual Network Interface Cards (VNICs). The OCI Networking service uses Security Lists to determine what traffic is allowed through a given VNIC. The VNIC is subject to all rules in all security…
Oracle Cloud Announcement June 2021
Are you an Oracle customer? If yes, it’s time to cash in with this awesome program Oracle just launched. For every dollar you spend on OCI, you get a discount of 25 cents on your Oracle Support bill! And the cherry on the top? Oracle will lift your workloads to OCI for free! Oh wait,…
Security Assessment: 7 questions to ask
With everything going on in the cybersecurity space, and a general push towards cloud adoption, security is on top of everyone’s mind. Here are some questions to ask your organization to identify security gaps – Incident Management – How well do we detect, accurately identify, handle, and recover from security incidents? Vulnerability Management – How well do…
BCDR Assessment: 10 questions to ask
Here’s a quick & dirty assessment for your organization’s Business Continuity & Disaster Recovery maturity – When it comes to Business Continuity & Disaster Recovery, what is your organization’s mission, goals, and objectives? What are the outputs of your value chain? (These are typically the products and services you produce) Do you have an established business continuity management system (BCMS)? What…
The Cloud Management Plane
The management plane controls the entire infrastructure. Parts of it will be exposed to customers independent of network location, so it is a prime resource to protect. Its graphical user interface, command line interface (if any), and API need to have stringent and role-based access control. In addition, logging of all relevant actions in a…
Secure Installation and Configuration of Virtualized Cloud Datacenters
Secure configuration of the virtualization management toolset is one of the most important steps when building a cloud environment. A compromise of the management tools may allow an attacker unlimited access to the virtual machine, the host, and the enterprise network. Therefore, the management tools must be securely installed and configured and adequately monitored. NOTE:…
Cloud Datacenter: Hardware-specific Security Configuration Requirements
The data center should have hardware and virtualization protections at the component level. Virtual private cloud (VPC) protection is a fundamental protection in public cloud consumption as well as a key attribute of security groups. Hardware-based tools that include Trusted Platform Modules also feature in the suite of logical and physical data center security. Best…
Countermeasure Strategies: Cyber Kill Chain
In the world of cybersecurity nefarious acts are often caught after the exploitation of systems has occurred. Depending on the gravity of the exploitation, it can lead to thorough investigations that may be operational (within an organization), criminal, and tort (recovery of financial damages). The findings of the investigation can lead to an assessment that…
Countermeasure Strategies: Zero Trust Model
Before an organization selects specific technology and service solutions, they first need to contemplate a complete enumeration of imperative or critical business functions/services and what threats exist to resiliency of those functions/services. The adoption of a strategy to combat those threats may not mean selecting a specific tool but rather may mean adopting a selected…
Risks Related to the Cloud Environment: Vulnerabilities, Threats, and Attacks
Knowing the top threats to cloud computing, allows an organization to reduce attack surfaces by selecting appropriate countermeasures. Strategies like a Zero Trust architecture and imagining the cyber “kill chain” before an incident occurs can lead to successful protection. As the commoditization of cloud services increases, so does the attention and capability of criminal enterprises…
Data Center Design: Fire Prevention & HVAC
ISO/IEC TS 22237-6:2018 addresses security systems and uses the term fire-stopping in reference to fire prevention. The list guidance that follows can be utilized in construction or verifying controls in existing structures. Fire-stopping techniques applied to pathways that penetrate the boundary of a fire compartment shall be specified in terms of: the fire rating, construction…
Uptime Institute’s “Data Center Site Infrastructure Tier Standard: Topology”
The Uptime Institute is an unbiased international advisory organization and a leader in data center design and management. The institute’s “Data Center Site Infrastructure Tier Standard: Topology” document provides the baseline that many enterprises use to rate their data center designs. The document describes a four-tiered architecture for data center design, with each tier including…