Virtualization & Cloud

Infrastructure as Code (IaC) is a key DevOps practice that bolsters agile software development. In this report, we identify security risk areas in IaC implementations and the best practices in securing them in hybrid cloud environments.

Cloud-native security adopts the defense-in-depth approach and divides the security strategies utilized in cloud-native systems into four different layers: cloud, container, cluster, code.

When it comes to cloud computing security, or simply, cloud security, what are the builders’ responsibilities? How can developers and administrators ensure cloud security? This primer discusses the key concepts of cloud security and which areas need to be protected using flexible and comprehensive security solutions. 

A malicious cryptocurrency miner and Distributed Denial of Service (DDoS) bot that targets open Docker daemon ports.

We provide recommendations for cloud admins on how to formulate a security strategy when using Kubernetes for container orchestration.

As organizations make their move toward a more efficient and innovative future in the cloud, hybrid cloud environments pose several problems that can make or break their overall strategies.

As the adoption of cloud services grows, organizations need to be informed about how to secure their environment. Our research examines the common threats encountered in the cloud and provides insight on how organizations can better deal with them.

A campaign targeted misconfigured Docker Daemon API ports through Kinsing malware.

An unsecured Amazon Web Services (AWS) cloud storage bucket leaked the data of commuters in the U.K. who use the free Wi-Fi in train stations.