Cloud security

The cloud offers improved efficiency, flexibility and scalability, but its benefits can be reversed if security isn't top of mind. Read cloud security best practices, including tips on data protection and IaaS, PaaS and SaaS security, as well as cloud-specific tools and services such as CASBs, CWPPs and CSPM.

Top Stories

News 19 Nov 2024
Microsoft to offer hackers millions in Zero Day Quest event

Microsoft launched Zero Day Quest on Tuesday with a preliminary event offering bug bounty researchers rewards with multipliers for select security scenarios. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 15 Nov 2024
MFA required for AWS Organizations member accounts in 2025

AWS is one of several cloud providers that will implement MFA requirements over the next year, with other relevant names including Google Cloud and Microsoft Azure. Continue Reading
By
- Alexander Culafi, Senior News Writer

News 22 Nov 2021
GoDaddy discloses breach of 1.2M customer account details

Web hosting provider GoDaddy said an attacker broke into its Managed WordPress service and accessed the account details and SSL keys of 1.2 million customers. Continue Reading
By
- Shaun Nichols
News 11 Nov 2021
Aruba Central breach exposed customer data

HPE-owned Aruba Networks said one of its cloud databases was accessed by hackers who were able to make off with location and telemetry data for its customers' Wi-Fi gear. Continue Reading
By
- Shaun Nichols
Tip 09 Nov 2021
How to overcome 3 multi-tenancy security issues

Explore three major multi-tenancy security challenges and how to fix them, including lack of visibility, privilege overallocation and poor data security management. Continue Reading
By
- Dave Shackleford, Voodoo Security
News 02 Nov 2021
Why cloud bugs don't get CVEs, and why it's an issue

Lack of public disclosures for cloud bugs can allow vendors to sit on vulnerability reports and can prevent researchers from getting acknowledgement and payouts. Continue Reading
By
- Shaun Nichols
Guest Post 23 Aug 2021
Why zero-trust models should replace legacy VPNs

Many organizations use legacy VPNs to secure their networks, especially in the work-from-home era. Expert Pranav Kumar explains why zero-trust models are a safer option. Continue Reading
By
- Pranav Kumar
Tip 21 Jul 2021
Automate app security with SaaS security posture management

Keeping track of cloud application security settings and configurations businesswide is no easy task. Automate this cumbersome task with SSPM. Continue Reading
By
- Ed Moyle, Drake Software
Guest Post 16 Jul 2021
4 healthcare risk management tips for secure cloud migration

From improving the security posture and updating threat modeling to securing cloud data, learn about four risk management tips for healthcare organizations migrating to cloud. Continue Reading
By
- Nabil Hannan
Guest Post 24 May 2021
Embrace speed and security for your cloud security strategy

As companies solidify their cloud security strategies, they need to ensure that they're considering where they're at now, governance needed and metrics to follow. Continue Reading
By
- Altaz Valani
Tip 22 Apr 2021
How cloud monitoring dashboards improve security operations

Cloud monitoring dashboards can help security teams achieve visibility in complex, sprawling environments. Learn about cloud-native, third-party and open source deployment options. Continue Reading
By
- Ed Moyle, Drake Software
Tip 16 Mar 2021
Implement Kubernetes for multi-cloud architecture security

Uncover how orchestration tools benefit multi-cloud environments, and get help selecting the right deployment model for Kubernetes in multi-cloud architectures. Continue Reading
By
- Ed Moyle, Drake Software
Guest Post 26 Feb 2021
Dispelling 4 of the top cloud security myths today

Booz Allen's Jimmy Pham and Brad Beaulieu dispel four major cloud security myths, exploring why staying in the cloud rather than returning to on premises may be the more secure option. Continue Reading
By
- Jimmy Pham and Brad Beaulieu
Guest Post 19 Feb 2021
What is CIEM and why should CISOs care?

Cloud infrastructure entitlement management offers companies an edge in the cloud permissions gap challenge. Mahendra Ramsinghani explains how CIEM differs from SIEM. Continue Reading
By
- Mahendra Ramsinghani
Feature 03 Feb 2021
Cloud security policy configuration in AWS, Azure and GCP

Explore cloud security policy configurations in AWS, Azure and GCP using native security tools in this excerpt of 'Multi-Cloud Architecture and Governance' by Jeroen Mulder. Continue Reading
By
- Katie Donegan, Social Media Manager
- Packt Publishing
Feature 03 Feb 2021
Secure multi-cloud with architecture and governance focus

Certified enterprise and security architect Jeroen Mulder explains why multi-cloud security architecture planning should be informed by the business and customer perspectives. Continue Reading
By
- Katie Donegan, Social Media Manager
Tip 01 Feb 2021
5 tips to better secure cloud data

A move to cloud introduces new threats to data. Follow these tips to document, evaluate, test, monitor and harden the new environment. Continue Reading
By
- Johna Till Johnson, Nemertes Research
Feature 05 Jan 2021
Juggle a multi-cloud security strategy with these 3 steps

Enterprise security best practices must account for changes in cloud landscapes. Learn how to overcome such challenges and bolster multi-cloud security with technology and policy. Continue Reading
By
- Katie Donegan, Social Media Manager
Tip 11 Dec 2020
Tackle multi-cloud key management challenges with KMaaS

Cloud providers' tools for secrets management are not equipped to solve unique multi-cloud key management challenges. Learn how key management-as-a-service tools can fill the gaps. Continue Reading
By
- Ed Moyle, Drake Software
Tip 09 Dec 2020
How cloud-based SIEM tools benefit SOC teams

It's time for SIEM to enter the cloud age. Learn about the cloud-based SIEM features that can help SOC teams gain a holistic view of their organization's cloud infrastructure. Continue Reading
By
- Dave Shackleford, Voodoo Security
Tip 03 Dec 2020
SASE model drives improved cloud and work-from-home security

Find out how the Secure Access Service Edge model provides increased work-from-home security and cloud access outside of the traditional enterprise data center access model. Continue Reading
By
- John Burke, Nemertes Research
Feature 30 Nov 2020
How to pass the AWS Certified Security - Specialty exam

Author of 'AWS Certified Security - Specialty Exam Guide' Stuart Scott shares insights on how to prepare for the exam and reap the professional benefits of certification. Continue Reading
By
- Katie Donegan, Social Media Manager
Feature 30 Nov 2020
Practice AWS Certified Security - Specialty exam questions

Explore the security and compliance capabilities of the AWS Config service to prepare for the wide-ranging AWS Certified Security - Specialty certification exam. Continue Reading
By
- Katie Donegan, Social Media Manager
- Packt Publishing
Tip 22 Oct 2020
How to build a cloud security operations center

To better protect workloads and data in the cloud, security operations centers collaborate with various IT teams. Learn how to cloud-enable your organization's SOC. Continue Reading
By
- Dave Shackleford, Voodoo Security
Feature 16 Sep 2020
An inside look at the CCSP cloud security cert

Get insights into the Certified Cloud Security Professional cert, cloud infrastructure and platform benefits and risks, and more from the author of a CCSP exam guide. Continue Reading
By
- Sharon Shea, Executive Editor
Quiz 16 Sep 2020
Test your cloud security smarts with these CCSP exam questions

Read up on cloud-based BCDR in this excerpt from Chapter 4 of 'CCSP Certified Cloud Security Professional All-in-One Guide,' then quiz yourself to see what you've learned. Continue Reading
By
- Sharon Shea, Executive Editor
- McGraw Hill Education
Quiz 15 Sep 2020
Cloud computing security technology quiz

As companies migrate to the cloud to improve accessibility and scalability, there are many aspects of security to consider. Test your cloud security knowledge with this quiz. Continue Reading
By
- Sharon Shea, Executive Editor
Tip 10 Sep 2020
How cloud security posture management protects multi-cloud

Improve control plane security at your organization by integrating a cloud security posture management tool into your existing multi-cloud strategy. Continue Reading
By
- Dave Shackleford, Voodoo Security
Feature 17 Aug 2020
Hands-on guide to S3 bucket penetration testing

Attention AWS pen testers: The trick to understanding the indicators of AWS S3 bucket vulnerabilities is setting up an insecure bucket. Learn how in this actionable guide. Continue Reading
By
- Katie Donegan, Social Media Manager
- Packt Publishing
Quiz 29 Jul 2020
Cloud security quiz: Application security best practices

Think you know all there is to know about securing apps in the cloud? Test your grasp of cloud application security best practices with this quiz. Continue Reading
By
- Sharon Shea, Executive Editor
Feature 28 Jul 2020
The importance of security, data encryption for cloud

As more companies migrate to the cloud, they need to also invest in cybersecurity for their cloud computing, such as through better encryption and authentication tools. Continue Reading
By
- Balaji Karumanchi, Guest Contributor
Tip 27 Jul 2020
Cloud workload protection platform security benefits, features

VMs and cloud environments make the task of protecting workloads more difficult than ever. Can a cloud workload protection platform help your organization solve the problem? Continue Reading
By
- Ed Moyle, Drake Software
Tip 20 Jul 2020
Follow 3 key steps to improve multi-cloud monitoring

Successful multi-cloud monitoring anticipates security vulnerabilities unique to operating across several environments. Follow these steps to improve multi-cloud security. Continue Reading
By
- Dave Shackleford, Voodoo Security
Feature 17 Jul 2020
How to address and close the cloud security readiness gap

Cloud security readiness remains a shortcoming for companies despite the majority using cloud services. Here are three steps they can take to close the cloud security gap. Continue Reading
By
- Sailesh (Sai) Gadia, Guest Contributor
Tip 09 Jul 2020
Enhance your cloud threat protection with 5 tools, and more

Explore the best tools and tactics; you'll need the most effective arsenal available to counteract the attackers gunning for your cloud-based workloads and apps. Continue Reading
By
- Johna Till Johnson, Nemertes Research
Tip 29 Jun 2020
Privacy-preserving machine learning assuages infosec fears

Implementing privacy-preserving machine learning controls, such as federated learning and homomorphic encryption, can address top cloud security and privacy concerns. Learn how. Continue Reading
By
- Dave Shackleford, Voodoo Security
Tip 17 Jun 2020
Istio service mesh security benefits microservices, developers

Learn more about Istio service mesh security features and how the open source technology can enable developers to better run, control and secure a distributed microservices architecture. Continue Reading
By
- Ed Moyle, Drake Software
Feature 20 May 2020
CCSK cert guide author's insights into cloud security credential

The author of a Certificate of Cloud Security Knowledge exam guide offers insights into certifications, top considerations for those pursuing the CCSK and more. Continue Reading
By
- Sharon Shea, Executive Editor
Tip 12 May 2020
Comparing single cloud vs. multi-cloud security challenges

A multi-cloud environment is not inherently more secure than a single cloud. Learn how to choose between single cloud vs. multi-cloud for your organization from a security perspective. Continue Reading
By
- Mike Chapple, University of Notre Dame
Feature 08 May 2020
Compare the top cloud-based IoT security platforms to protect devices

IoT security tools can protect widely used computing devices that pose cybersecurity risks in the current remote work era. Explore the leading cloud-based options here. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
Answer 23 Apr 2020
The differences between web roles and worker roles in Azure

What sets web roles and worker roles apart in Microsoft's Azure Cloud Services? Here's a look at how they are different. Continue Reading
By
- Sharon Shea, Executive Editor
- Matthew Pascucci
Tip 26 Feb 2020
Boost security with a multi-cloud workload placement process

IT must incorporate a multi-cloud workload placement process into its multi-cloud strategy in order to maintain or improve cloud security and cloud operations. Continue Reading
By
- John Burke, Nemertes Research
Tip 12 Feb 2020
Benefits of cloud data discovery tools and services multiply

With multi-cloud and privacy regulations becoming the new normal, infosec teams need data discovery tools and services to keep up. Learn more about available cloud options. Continue Reading
By
- Dave Shackleford, Voodoo Security
Tip 02 Jan 2020
3 steps to prepare IT operations for multi-cloud

Organizations must ready their IT operations for multi-cloud and the unique security challenges ahead. Equip your IT ops team with the right people and processes to adapt smoothly. Continue Reading
By
- John Burke, Nemertes Research
Tip 19 Dec 2019
Learn some key cloud workload protection best practices

Learn key practices to protect cloud workloads whether using VMs, endpoints or containers. And don't forget to consider the best means for building a fruitful feedback loop. Continue Reading
By
- Dave Shackleford, Voodoo Security
Feature 13 Nov 2019
Benefits of using Azure Security Center for security assessments

Author Yuri Diogenes discusses how Azure Security Center helps admins achieve full cloud visibility, conduct security assessments and prevent potential breaches. Continue Reading
By
- Sharon Shea, Executive Editor
Feature 12 Nov 2019
Use Azure Security Center to conduct a security posture assessment

In this excerpt from Chapter 4 of Microsoft Azure Security Center, the authors outline how to use the software to determine and improve your enterprise's cloud security posture. Continue Reading
By
- Sharon Shea, Executive Editor
- Pearson Education
Tip 28 Oct 2019
5 cloud storage privacy questions to ask potential providers

Data confidentiality in cloud computing is a major enterprise concern, yet providers are often lacking in their details. Here are the questions to ask before adopting a service. Continue Reading
By
- Kevin Tolly, The Tolly Group
Tip 07 Oct 2019
How to beef up S3 bucket security to prevent a breach

Security teams have plenty of tools at their disposal to help their organizations achieve and maintain S3 bucket security. Learn about the threats and best practices to stay safe. Continue Reading
By
- Dave Shackleford, Voodoo Security
Tip 06 Sep 2019
How to build and maintain a multi-cloud security strategy

When using multiple cloud service providers, it's critical to consider your enterprise's cloud scope and the specifics of each cloud service to maintain security. Continue Reading
By
- Ed Moyle, Drake Software
Tip 05 Sep 2019
Why CASB tools are crucial to your cloud security

CASB tools have gained traction as cloud security becomes more important. Among other features, a cloud security access broker helps companies pinpoint shadow IT. Continue Reading
By
- Kevin Tolly, The Tolly Group
Tip 19 Aug 2019
How to conduct proper AWS vulnerability scanning in 3 steps

Cloud vulnerability management can be complicated. Learn how to perform AWS vulnerability scans under the shared responsibility model. Continue Reading
By
- Sharon Shea, Executive Editor
- Rob Shapland
Feature 15 Aug 2019
Research shows cloud security vulnerabilities grow

Recent research shows the number of cloud security incidents are growing. Here are the biggest contributors to the complicated cloud threat landscape facing modern enterprises. Continue Reading
By
- Mary K. Pratt
Tip 08 Aug 2019
4 necessary steps to evaluate public cloud security

The Capital One hack raised questions about public cloud security. Take these four steps to ensure your data is protected. Continue Reading
By
- Kevin Tolly, The Tolly Group
Answer 26 Jul 2019
What's the best way to approach multi-cloud security?

Multi-cloud security can be challenging, but new tools promise to ease some of the problems associated with managing resources across multiple CSPs. Continue Reading
By
- Andrew Froehlich, West Gate Networks
Tip 18 Jul 2019
CASB market dynamics, from a customer perspective

The CASB market is changing. Learn how the fluctuating threat landscape has led to a use case evolution and operational changes for the CASB in the enterprise. Continue Reading
By
- Ed Moyle, Drake Software
Guide 27 Jun 2019
Everything you need to know about multi-cloud security

Make multi-cloud security a reality in your organization with these tips and strategies from industry experts as you implement more cloud platforms. Continue Reading
By
- Madelyn Bacon, TechTarget
Tip 26 Jun 2019
The CISO's guide to Kubernetes security and deployment

Container orchestration platform Kubernetes provides tools needed to deploy scalable applications with efficiency. Learn what steps CISOs must take to secure a Kubernetes environment. Continue Reading
By
- Joe Nemer
Feature 21 Jun 2019
As cloud complexities increase, cybersecurity skills gap worsens

Concerns about the lack of security expertise persist, according to respondents in a new CSA survey of IT and security professionals on complexities within native cloud, hybrid and multi-cloud environments. Continue Reading
By
- Katie Donegan, Social Media Manager
Guide 30 May 2019
How best to secure cloud computing in this critical era

Achieving cloud security today demands you continually update your strategy, policy, tactics and tools. This collection of expert advice helps keep your cloud defenses well-tuned. Continue Reading
By
- Brenda L. Horrigan, Executive Managing Editor
Tip 15 May 2019
3 best practices for cloud security monitoring

Cloud security monitoring can be laborious to set up, but organizations can make it easier. Learn about three best practices for cloud security monitoring and the available tools. Continue Reading
By
- Ed Moyle, Drake Software
Tip 13 May 2019
Why centralization in a multi-cloud security strategy is key

When moving to a multi-cloud infrastructure, there are a few strategies to keep in mind. Learn how centralization will limit the challenges of fragmented security access and monitor controls. Continue Reading
By
- Dave Shackleford, Voodoo Security
Feature 07 May 2019
The risks of multi-cloud security compared to single cloud

Single-cloud architecture poses some challenges, which has led to a new trend in adopting multi-cloud designs. Discover whether multi-cloud is right for your enterprise. Continue Reading
By
- Dave Shackleford, Voodoo Security
Opinion 01 May 2019
The top cloud security challenges are 'people problems'

Cloud security begins at home. Considering the human factor in cybersecurity is step one when it comes to addressing how to keep critical assets safe in the cloud. Continue Reading
By
- Kevin Beaver, Principle Logic, LLC
Tip 26 Apr 2019
How infrastructure as code tools improve visibility

Visibility into cloud infrastructures and applications is important for data security. Learn how to maintain that visibility while using infrastructure as code tools. Continue Reading
By
- Michael Cobb
Feature 24 Apr 2019
Words to go: Multi-cloud security strategy

For many enterprises, implementing multi-cloud security is complicated. Here's a breakdown of the must-know multi-cloud terms for organizations setting up this type of deployment. Continue Reading
By
- Madelyn Bacon, TechTarget
Tip 22 Apr 2019
The security benefits of using infrastructure as code

Infrastructure as code bolsters security and ensures security best practices are built into software development. Learn more about the use of infrastructure-as-code models. Continue Reading
By
- Michael Cobb
Tip 14 Mar 2019
Container security awareness, planning required as threats persist

As container security vulnerabilities continue to emerge, companies should plan ahead and have strategies ready to defend against looming segmentation failures. Continue Reading
By
- Ed Moyle, Drake Software
Tip 30 Jan 2019
How to build a cloud security strategy after migration

Enterprises can face an array of issues when they migrate to the cloud. Learn about three of the main challenges and how to effectively create a cloud security strategy. Continue Reading
By
- Ted Harrington, Independent Security Evaluators
Tip 16 Jan 2019
How unsecured Firebase databases put critical data at risk

Unsecured Google Firebase databases are similar to misconfigured AWS S3 buckets, but there are key differences. Expert Rob Shapland discusses the risks of unsecured cloud databases. Continue Reading
By
- Rob Shapland
Tip 09 Jan 2019
How to block public access for AWS S3 bucket security

AWS S3 buckets leaked millions of files, including sensitive data, by enabling public access. Learn how to block public access with expert David Shackleford. Continue Reading
By
- Dave Shackleford, Voodoo Security
Tip 26 Dec 2018
How to apply cloud security controls in the network

Implementing cloud security controls in the network requires a careful balance between protecting points of connectivity while still making it easy for users to access services. Continue Reading
By
- (ISC) 2
Tip 28 Nov 2018
How Google's cloud data deletion process can influence security policies

Understanding the process behind Google's cloud data deletion can help influence stronger enterprise security policies. Expert Ed Moyle explains the process and how to use it. Continue Reading
By
- Ed Moyle, Drake Software
Tip 14 Nov 2018
How the Microsoft Authenticator app integrates with Azure AD

Microsoft expanded the Microsoft Authenticator app to integrate with tens of thousands of Azure AD apps. Expert Dave Shackleford explains how this tool is improving security. Continue Reading
By
- Dave Shackleford, Voodoo Security
Tip 03 Oct 2018
How to collect open source threat intelligence in the cloud

Threat intelligence analysis can be challenging and expensive for enterprises. Expert Frank Siemons explains how open source threat intelligence can simplify the process. Continue Reading
By
- Frank Siemons, RedSec
Quiz 26 Sep 2018
How do cloud deployment models affect IT operations?

Security plays a vital role in cloud operations. Test your knowledge of important concepts covered in Domain 5 of the CCSP exam, “Operations,” with this practice quiz. Continue Reading
By
- (ISC) 2
Tip 22 Aug 2018
Why container orchestration platforms risk data exposure

Container orchestration platforms expose interfaces and create the risk of data exposure and unauthorized access. Expert Dave Shackleford explains why these risks exist in enterprises. Continue Reading
By
- Dave Shackleford, Voodoo Security
Tip 08 Aug 2018
How online malware collection aids threat intelligence

Threat intelligence can facilitate cloud-based malware collection, which has value for enterprise cybersecurity. Expert Frank Siemons discusses collecting and analyzing malware. Continue Reading
By
- Frank Siemons, RedSec
Tip 18 Jul 2018
The risks of container image repositories compared to GitHub

As container use rises, so does the use of container image repositories. Expert Dave Shackleford discusses the risks associated with them and how they compare to other registries. Continue Reading
By
- Dave Shackleford, Voodoo Security
Tip 29 Jun 2018
How to use Packetbeat to monitor Docker container traffic

Docker containers can help secure cloud applications, but malicious traffic can still move to and from those containers on a network. Dejan Lukan explains how to use Packetbeat to monitor such threats. Continue Reading
By
- Dejan Lukan, Protean Security
Tip 20 Jun 2018
How to secure cloud buckets for safer storage

Cloud buckets that enterprises use for storage can provide security benefits, but they also come with some risks. Expert Frank Siemons discusses the risks and how to mitigate them. Continue Reading
By
- Frank Siemons, RedSec
Tip 30 May 2018
Cloud endpoint security: Balance the risks with the rewards

While cloud endpoint security products, such as antivirus software, provide users with many benefits, the cloud connection also introduces risks. Expert Frank Siemons explains. Continue Reading
By
- Frank Siemons, RedSec
Quiz 29 May 2018
Reviewing cloud data protection measures: CCSP Domain 2

This practice quiz will assess your understanding of key concepts in Domain 2 of the CCSP exam. This part of the test covers cloud data security strategies, technologies and more. Continue Reading
By
- (ISC) 2
Tip 09 May 2018
How a cloud backdoor poses a threat to the enterprise

Cloud backdoors pose a rising threat to enterprises, according to new research. Expert Ed Moyle explains what a cloud backdoor is and what mitigation options are available. Continue Reading
By
- Ed Moyle, Drake Software
Quiz 30 Apr 2018

CCSP Practice Exam and Study Guides

Studying for, obtaining and maintaining your CCSP® certification has now become more convenient with SearchCloudSecurity.com. Continue Reading
Feature 03 Apr 2018
AWS S3 bucket security falls short at high-profile companies

Everyone is putting their data in the cloud, from IT staff to department heads. With functionality galore, basic security measures too often go unchecked. Continue Reading
By
- Kathleen Richards
Tip 07 Mar 2018
What the Azure AD Connect vulnerability can teach enterprises

Enterprises should learn from a Microsoft Azure AD Connect vulnerability that security requires a hands-on approach. Expert Rob Shapland takes a closer look at the permissions flaw. Continue Reading
By
- Rob Shapland
Answer 27 Feb 2018
How does the Amazon GuardDuty threat detection service work?

At the 2017 re:Invent conference, Amazon announced their latest threat detection product: Amazon GuardDuty. Learn how this service works and what sets it apart from other products. Continue Reading
By
- Matthew Pascucci
Blog Post 30 Nov 2017
The CASB market is (nearly) gone but not forgotten

A series of acquisitions have drastically reduced the number of stand-alone cloud access security brokers and reshaped the CASB market for years to come. Continue Reading
By
- Rob Wright, Senior News Director
Tip 20 Sep 2017
How attackers can intercept iCloud Keychain data

A verification flaw in the synchronization service of iCloud Keychain enables attackers to intercept the data it transfers. Expert Frank Siemons explains what to do about it. Continue Reading
By
- Frank Siemons, RedSec
Definition 31 Aug 2017
Google Cloud Key Management Service (KMS)

Google Cloud Key Management Service (KMS) is a cloud service for managing encryption keys for other Google cloud services that enterprises can use to implement cryptographic functions. Continue Reading
By
- Madelyn Bacon, TechTarget
Answer 31 Mar 2017
Google Cloud KMS: What are the security benefits?

Google Cloud KMS is a new encryption key management service available for Google customers. Expert Matthew Pascucci discusses how this service works and its security benefits. Continue Reading
By
- Matthew Pascucci
Tip 21 Dec 2016
VM isolation technique considerations for enterprises

VM isolation techniques are good strategies to prevent infections from spreading to the entire cloud environment. Ed Moyle explains what enterprises need to know about isolation. Continue Reading
By
- Ed Moyle, Drake Software
Tip 09 Feb 2016
Breaking down the risks of VM escapes

The Xen hypervisor flaw highlighted the risks of VM escapes, but expert Ed Moyle explains why the flaw should serve as a warning for virtual containers as well. Continue Reading
By
- Ed Moyle, Drake Software
Answer 13 Aug 2015
Our AWS encryption keys were exposed accidentally -- now what?

Exposing encryption keys is never a good thing, but knowing the steps to take after such an incident can help limit damage to an enterprise. Expert Dan Sullivan explains. Continue Reading
By
- Dan Sullivan
Tip 31 May 2013
Amazon S3 encryption overview: How to secure data in the Amazon cloud

Learn details for employing Amazon S3 encryption features. Expert Dave Shackleford compares S3 encryption to other cloud provider offerings. Continue Reading
By
- Dave Shackleford, Voodoo Security