This article is intended for software development and IT teams who want to securely build and deploy applications in cloud computing environments, specifically PaaS and IaaS. Cloud computing mostly brings security benefits to applications, but as with most areas of cloud technology, it does require significant changes to existing practices, processes, and technologies that were…
Category: security
How Cloud impacts Incident Response
The Incident Response (IR) Lifecycle Preparation: “Establishing an incident response capability so that the organization is ready to respond to incidents.” Process to handle the incidents. Handler communications and facilities. Incident analysis hardware and software. Internal documentation (port lists, asset lists, network diagrams, current baselines of network traffic). Identifying training. Evaluating infrastructure by proactive scanning…
QuickGuide: Cloud Incident Response Recommendations
SLAs and setting expectations around what the customer does versus what the provider does are the most important aspects of incident response for cloud-based resources. Clear communication of roles/responsibilities and practicing the response and hand-offs are critical. Cloud customers must set up proper communication paths with the provider that can be utilized in the event of an incident….
QuickGuide: Cloud Security Recommendations
Know the infrastructure security of your provider or platform: In the shared security model, the provider (or whoever maintains the private cloud platform) has the burden of ensuring the underlying physical, abstraction, and orchestration layers of the cloud are secure. Review compliance certifications and attestations. Check industry-standard and industry-specific compliance certifications and attestations on a regular basis for having the…
Common Cloud Security Threats
Cloud deployments, whether public, private, hybrid or community, are susceptible to all the traditional cybersecurity threats and more. Let’s look at the most common threats: Virtual machine attacks: Active VMs are vulnerable to all traditional attacks that can affect physical servers. Once a VM is compromised, it may be able to attack other VMs running…
“Trust me, I am a CISO”
As things around us rapidly unfold in the cybersecurity realm, many “experts” are sprouting out of the woodwork. How do we distinguish between the real deal and the phonies? Some questions to ask every “CISO” – How do you ensure security policies, procedures, baselines, standards, and guidelines are written to address the information security needs…
Weapons of Mass Disruption
Moonlight Maze In 1996, in the infancy of the Internet, someone was rummaging through military, research, and university networks primarily in the United States, stealing sensitive information on a massive scale. Victims included the Pentagon, NASA, and the Department of Energy, to name a very limited few. The scale of the theft was literally monumental,…
Installing Kali Linux on OCI
What is Kali Linux? Kali Linux is a Debian-based Linux distribution aimed at advanced Penetration Testing and Security Auditing. Kali Linux contains several hundred tools which are geared towards various information security tasks, such as Penetration Testing, Security research, Computer Forensics and Reverse Engineering. Kali Linux is developed, funded and maintained by Offensive Security, a leading information security training company. Installing Kali…
Best Practices on OCI Part 3: Logging & Monitoring
Here are some key recommendations for configuring logging and monitoring on Oracle Cloud Infrastructure – Ensure audit log retention period is set to 365 days – Log retention controls how long activity logs should be retained. Studies have shown that The Mean Time to Detect(MTTD) a cyber breach is anywhere from 30 days in some sectors to up…
Best Practices on OCI Part 1: IAM
Here are some key recommendations for Identity and Access Management on Oracle Cloud Infrastructure – Ensure service level admins are created to manage resources of particular service -Creating service-level administrators helps in tightly controlling access to Oracle Cloud Infrastructure (OCI) services to implement the least-privileged security principle. Ensure permissions on all resources are given only to…