InfoQ Homepage Network Security Content on InfoQ
-
Google Cloud Private Service Connect Now Generally Available
Google Cloud has recently announced the general availability of Private Service Connect, a service to keep all customer’s traffic private and secure over Google's global network while abstracting the underlying network infrastructure.
-
The eBPF Foundation Aims to Further Advance eBPF Features and Adoption
eBPF, a technology used to extend the Linux kernel capabilities without requiring to change its code or reload kernel modules, now has its own foundation hosted within the Linux Foundation, announce Facebook, Google, Isovalent, and other founding members.
-
Microsoft Announces Public Preview of Bastion Standard SKU
Azure Bastion is a fully-managed Platform as a Service (PaaS) solution providing customers a secure way to connect to a virtual machine using a browser and the Azure portal. Recently, the company announced the public preview of the second Stock Keeping-Unit (SKU) called Standard.
-
Aqua Security's Latest Report Highlights Increase in Cloud Attacks
Aqua Security published a report outlining their analysis of a year's worth of security remediation data. This report found that nearly no organization addressed all identified issues with enterprise organizations taking on average 88 days to resolve the issues they do address. Their analysis found a large increase in attacks against container-based and cloud-native infrastructure.
-
Netflix Open Sources ConsoleMe to Manage Permissions and Access on AWS
Netflix has recently open-sourced ConsoleMe, a AWS multi-account management service, and its CLI utility, Weep. The tools provide a central control plane for permissions management across all of AWS accounts of an organization and help to implement the principle of least privilege.
-
Microsoft Releases Azure Firewall Premium in Public Preview
Microsoft Azure Firewall is a managed, cloud-based network security service that protects your Azure Virtual Network resources. The company recently announced a preview release of a premium version of the cloud-based network security service.
-
AWS Releases Privatelink for Amazon S3 into General Availability
AWS has recently announced that PrivateLink for Amazon S3 is now generally available (GA). With PrivateLink for Amazon S3, customers can securely connect Amazon S3 to on-premise resources.
-
How SAD DNS Works
SAD DNS is a new variant of DNS cache poisoning that allows an attacker to inject malicious DNS records into a DNS cache, thus redirecting any traffic to their own server and become a man-in-the-middle (MITM).
-
Cloudflare Releases a Cloud-Based Network-as-a-Service Solution: Cloudflare One
Cloudflare, an American web-infrastructure and website-security company, recently introduced a cloud-based network-as-a-service solution for the enterprise workforce called Cloudflare One. The solution provides secure, fast, reliable, cost-effective network services, integrated with leading identity management and endpoint security providers.
-
Cloudflare Introduces API Shield
Cloudflare has recently introduced API Shield, a free security tool that protects API traffic against attacks designed to perform unauthorized actions or exfiltrate data. Strong client certificate-based identity is already generally available, while schema validation is currently a closed beta.
-
Microsoft Adds Virtual Network Support for Azure Firewall Manager, Enables Centralized Management
In a recent blog post, Microsoft announced Azure Firewall Manager now supports virtual networks. This new capability allows organizations to centrally manage security policies and route management for cloud-based security perimeters based on two network architectures, including secured virtual hub and hub virtual network.
-
Linode Announces DDoS Protection Across Its Global Network
Linode announced the availability of its DDoS protection service across its network for detection and mitigation of DDoS attacks.
-
Microsoft Extends Azure Security Center Capabilities to Partners, Adds Automation
At the recent Ignite conference, Microsoft announced several updates to their Azure Security Center offerings. These updates include enhanced cloud resource threat protection, Customer Lockbox extensions, the release of a Secure Code Analysis toolkit, additional support for Azure Disk Encryption, certificate management extensions, API automation and partner integrations.
-
Extend Azure PaaS Resources to Your Network Using Azure Private Link
In a recent blog post, Microsoft announced a new preview service, called Azure Private Link, which provides organizations the ability to connect to Azure Platform as a Service (PaaS) offerings, or their own services, using a private IP address. Azure Private Link connections travel over Microsoft’s backbone network and avoid exposure from the public internet.
-
Security Architecture Anti-Patterns by UK Government National Cyber Security Centre
The National Cyber Security Centre of the UK Government recently published a white paper on the six design anti-patterns that we should avoid when designing computer systems.