cloud security
cloud security
Want to provide Cloud services to the federal government? Then you’ll have to adhere to almost 170 security controls under the recently announced Federal Risk and Authorization Management Program. The program, set to go live in June, is designed to analyze/audit cloud computing providers for federal government agencies, expedite security clearances for cloud providers and foster the adoption of cloud computing by the Federal government. FedRAMP is meant to provide a baseline for low to moderate risk systems and is based on the NIST cyber-security Special Publication 800-53 Revision 3. FedRAMP provides an overall checklist for handling risks associated with...
It’s that time of year when we gift and re-gift. And the perfect opportunity to re-post, re-purpose and re-use my 2011 blog entries. If you missed any of the approximately 50 blogs, 11 audio whitepapers or 47 videos, here they are wrapped in one simple entry. I read somewhere that lists in blogs are good. Have a Safe and Happy New Year. F5 Security Vignette Series 2012 IT Staffing Crisis? The Top 10, Top Predictions for 2012 Pearl Harbor, Punchbowl and my...
I show how easy it is to sign up for F5's DevCentral community site from the floor of VMworld. Sign up at Booth 1131 and receive a 'I'm a Cloud Ninja' T-shirt.
</p> <p>ps </p> <p>Technorati Tags: <a href="http://technorati.com/tags/F5" _fcksavedurl="http://technorati.com/tags/F5">F5</a>, <a href="http://technorati.com/tags/vmworld" _fcksavedurl="http://technorati.com/tags/vmworld">vmworld</a>, <a href="http://technorati.com/tags/integration" _fcksavedurl="http://technorati.com/tags/integration">integration</a>, <a href="http://technorati.com/tags/Pete+Silva" _fcksavedurl="http://technorati.com/tags/Pete+Silva">Pete Silva</a>, <a href="http://technorati.com/tags/security" _fcksavedurl="http://technorati.com/tags/security">security</a>, <a href="http://technorati.com/tag/business" _fcksavedurl="http://technorati.com/tag/business">business</a>, <a href="http://technorati.com/tag/education" _fcksavedurl="http://technorati.com/tag/education">education</a>, <a href="http://technorati.com/tag/devcentral" _fcksavedurl="http://technorati.com/tag/devcentral">devcentral</a>, <a href="http://technorati.com/tags/application+delivery" _fcksavedurl="http://technorati.com/tags/application+delivery">application delivery</a>, <a href="http://technorati.com/tags/cloud" _fcksavedurl="http://technorati.com/tags/cloud">cloud</a>, <a href="http://technorati.com/tags/virtualization" _fcksavedurl="http://technorati.com/tags/virtualization">virtualization</a>, <a href="http://technorati.com/tags/vmware" _fcksavedurl="http://technorati.com/tags/vmware">vmware</a></p> <table border="0" cellspacing="0" cellpadding="2" width="368"><tbody> <tr> <td valign="top" width="200">Connect with Peter:...
The Cloud Security Alliance (CSA), a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, recently announced that they are launching (Q4 of 2011) a publicly accessible registry that will document the security controls provided by various cloud computing offerings. The idea is to encourage transparency of security practices within cloud providers and help users evaluate and determine the security of their current cloud provider or a provider they are considering. The service will be free.
CSA STAR (Security, Trust and Assurance Registry) is open to all cloud providers whether they...
Application threats are constantly evolving. Recent high-profile Internet attacks on organizations like HBGary, RSA, WikiLeaks, Google, Comodo, and others prove that no one is immune. Anyone could be a target, and perpetrators are extremely organized, skilled, and well-funded. Culprits are often better trained than the IT staff deployed to thwart the attacks, which are targeted, elaborate, and aggressive—not to mention creative. The attacks are multi-layered and constant, and seek not only to deface a website, but to steal valuable data. Customer data, intellectual property, state secrets, SSL certificates, and other proprietary, highly sensitive information are the top targets. Whether critical...
If you’ve perused any media outlet of late, the barrage of cyber threats are unrelenting and protecting your networks and applications continues to be a never ending task. Organizations are making significant investments in IT security to improve their attack protection but still need to control costs and keep the systems running efficiently. Since these attacks are targeting multiple layers of the infrastructure, both the network and applications, it is increasingly difficult to properly reduce the risk of exposure. Siloes of protection and network firewalls alone cannot do the trick. Add to that, the dynamic nature of today’s infrastructures especially...
Organizations need an end-to-end web application and database security solution to protect data, customers, and their businesses. The integrated solution from F5 and Oracle provides improved protection against SQL injection attacks and correlated reporting for richer contextual information. F5 and Oracle have partnered to offer enhanced security for web-based database applications. The integration between F5 BIG-IP® Application Security Manager (ASM) and Oracle Database Firewall provides richer forensic information about SQL injection attacks through correlated reporting. Running Time: 17:54 Read full white paper here. And click here for more...
Last year I embarked on a blog series, lead by my trusty advisor CloudFucius, that evolved into an exploration of the numerous cloud computing surveys, reports, statistics and other feelings about the technology. At the time, 4-5 surveys a week were being released covering some aspect of cloud computing and security was cited as the biggest hurdle in almost 90% of the surveys. I also found that availability, control and a general lack of understanding were also drivers in challenges to cloud adoption. Almost 6 months have passed since the last CloudFucius entry and I wanted to see if the...
Virtual Desktop Infrastructure (VDI) or the ability to deliver desktops as a managed service is an attractive and cost effective solution to mange a corporate desktop environment. The success of virtual desktop deployments hinges on the user experience, availability and performance, security and IT's ability to reduce desktop operating expenses.
VDI deployments virtualizes user desktops by delivering them to distinctive end point devices over the network from a central location. Since the user's primary work tool is now located in a data center rather than their own local machine, VDI can put a strain on network resources while the user...
Well, this is the 27th entry (26 not counting the intro) in the CloudFucius Series and what an interesting ride! What started out as a cloud version of the 26 Short Topics about Security series, soon turned into an exploration of the numerous cloud computing surveys, reports, statistics and other feelings about the technology. I also intended to investigate areas of cloud computing that I was not so familiar with and there were a few areas that I was able to dig further – like Radio and the NFL. Readers really seemed to like the ‘CloudFucius’ notion and while...
Full cloud security Archive
