Cloud Security Content on InfoQ
-
GitHub Enables Dependabot via GitHub Actions, Improves Supply Chain Security
GitHub has released two features to improve the security and resilience of repositories. The first feature allows Dependabot to run as a GitHub Actions workflow using hosted and self-hosted runners. The second release introduces the public beta of Artifact Attestations, simplifying how repository maintainers can generate provenance for their build artifacts.
-
Amazon S3 Unauthorized Request Billing Issue: an Empty S3 Bucket Can Dramatically Increase the Costs
Maciej Pocwierz, a senior software engineer, recently revealed a significant issue—an empty S3 bucket can unexpectedly result in a substantial AWS bill. In his case, nearly 100,000,000 S3 PUT requests were executed within a single day, leading to a bill that was far from negligible.
-
Azure Virtual Network Flow Logs for Enhanced Network Monitoring and Security Analysis
Microsoft recently announced the general availability (GA) of Virtual Network flow logs, a new capability of the Network Watcher service in Azure.
-
KubeCon EU: Mercedes-Benz’s Migration From Pod Security Policies to Validation Admission Policies
During KubeCon EU, the Mercedes-Benz team presented their migration journey from Pod Security Policies to Validation Admission Policies to secure their 1000+ Kubernetes clusters. The solution was chosen in favour of Kyverno due to its improved performance.
-
Shadow API Detection for Google Cloud Environments in Preview
During Google Cloud Next, Google announced the preview release of shadow API detection in Advanced API Security, part of the Apigee API Management solution. This managed API Broker service in the Google Cloud allows users to design, secure, deploy, monitor, and analyze APIs.
-
Borderless Cloud at QCon London: Q&A with Adora Nwodo
At QCon London, Adora Nwodo, senior software engineer at NexaScale, discussed the complexities of seamlessly integrating multiple clouds into application architecture, deployment processes, and CI/CD pipelines. Her session was part of the Cloud-Native Engineering track on the first day of the conference, and InfoQ interviewed her.
-
Efficient DevSecOps Workflows with a Little Help from AI: Q&A with Michael Friedrich
At QCon London, Michael Friedrich, senior developer advocate at GitLab, discussed how AI can help in DevSecOps workflows. His session was part of the Cloud-Native Engineering track on the first day of the conference. InfoQ interviewed Friedrich after the session.
-
Microsoft AI-Driven Security Tool Copilot for Security is Now GA
Microsoft recently announced the general availability of Copilot for Security, a generative Artificial Intelligence (AI) security product designed to give security and IT teams the capabilities to protect their digital assets.
-
Google Cloud Launches Security Command Center Enterprise
Google Cloud has launched Security Command Center (SCC) Enterprise, a cloud risk management solution that offers proactive cloud security with enterprise security operations. The solution helps customers manage and mitigate risk across multi-cloud environments and is enhanced by Mandiant expertise.
-
Falco, Cloud-Native Security Tool for Kubernetes, Graduates from CNCF
CNCF announced the graduation of Falco, a tool designed for Linux systems and a de facto Kubernetes threat-detection engine. The project successfully met all graduation requirements, including undergoing the due diligence process, completing a third-party security audit, and obtaining the software licensing approvals.
-
Enhanced Protection for Large Language Models (LLMs) against Cyber Threats with Cloudflare for AI
Cloudflare recently announced a new capability called Firewall for AI in its Web Application Firewall (WAF) offering. The capability adds a new layer of protection that will identify abuse and attacks before they reach and tamper with Large Language Models (LLMs).
-
Cloudflare Releases 2024 API Security and Management Report
Cloudflare recently released its 2024 API Security and Management Report, providing insights, predictions, and recommendations for safeguarding APIs in the new year. The report analyses the growing risk of shadow APIs, the most common API errors, and global API usage across different industries.
-
Amazon Route 53 Resolver Introduces DNS over HTTPS Support for Enhanced Security and Compliance
AWS recently announced that Amazon Route 53 Resolver will support using the Domain Name System (DNS) over HTTPS (DoH) protocol for both inbound and outbound Resolver endpoints.
-
AWS Adds Automated Detection of Unused IAM Roles, Users, and Permissions
AWS recently added support for detecting unused access granted to IAM roles and users within their AWS IAM Access Analyzer tool. The new analyzer can identify unused roles, unused IAM user access keys and passwords, and unused permissions within a defined usage window. This analysis can be done across accounts within the organization and be controlled from a delegated administrator account.
-
Intuitive Application Resource Management with myApplications in the AWS Management Console
AWS recently announced at its re:Invent conference the general availability of myApplications. myApplications in the AWS Management Console can help customers manage and monitor the cost, health, security posture, and performance of their applications on AWS more effectively.