Virtualization & Cloud

Cybercriminals are targeting cloud infrastructure via compromised container management platforms, malicious Docker images, API key theft, and control panel exploitation.

Malware can hide from antivirus (AV) software by abusing features in Intel Software Guard Extensions (SGX). This was recently demonstrated by Michael Schwarz, Samuel Weiser, and Daniel Gruss, researchers at Graz University of Technology.

DevOps entails pivotal shifts. Among them is the way monitoring and auditing are carried out. As requirements and technologies for developing, vetting, and deploying applications change, the requisites for monitoring and auditing also change.

Enterprises are increasingly using hybrid environments, but this move can come with risks and challenges especially for organizations adopting DevOps. How can hybrid cloud security fit naturally into development processes?

Cloud security has become a significant issue as organizations increasingly move their workload to the cloud. A misconfigured cloud can leave organizations vulnerable to attacks.

With a large number of businesses starting to move toward the hybrid cloud model, the issue of safe cloud environments is more significant than ever.

Researchers discovered over 9,600 organizations with misconfigured Google Group accounts, leaving key credentials, email exchanges and sensitive information searchable to the public.

Los Angeles County 211 accidentally exposed approximately 3.5 million records logged between 2010 and 2016 due to a misconfigured Amazon S3 server.

Analysis of over 1,000 open-source serverless applications revealed that 21% of them have critical vulnerabilities or were misconfigured. What does this mean for DevOps?