InfoQ Homepage Cloud Computing Content on InfoQ
-
Google Cloud Adds New PCI DSS Policy Bundle to Anthos Config Management
Google has recently added Payment Card Industry Data Security Standard (PCI DSS) Policy bundle to Anthos Config Management (ACM). In its version 3.2.1, security administrators can now understand compliance with PCI DSS requirements using the Policy Controller Dashboard.
-
HashiCorp Nomad Adds SSO Support and Dynamic Metadata
HashiCorp has released version 1.5 of Nomad, currently in beta. Nomad is their orchestrator platform for deploying and managing both containerized and non-containerized environments. This release adds single sign-on and OIDC support as well as dynamic node metadata, job templates, and UI improvements.
-
CloudNativeSecurityCon 2023: SBOMs, VEX, and Kubernetes
At CloudNativeSecrityCon 2023 in Seattle, WA, Kiran Kamity, founder and CEO of Deepfactor, led a panel discussion on software supply chain security, the practical side of SBOMs, and VEX.
-
Falco Project v0.34 Released: OSS Security Tool Adds Downloadable Rules and eBPF Probe
Falco, an open-source runtime security tool, recently announced their latest release version 0.34.0. Highlights of the latest release include support for older RHEL distros, the ability to download and update Falco rules at runtime, and the experimental release of a modern eBPF probe.
-
Microsoft Announces the Preview of Serverless for Hyperscale in Azure SQL Database
Recently, Microsoft announced the preview of serverless for Hyperscale in the Azure SQL Database, which brings together the benefits of serverless and Hyperscale into a single database solution.
-
Amazon Releases Elastic Kubernetes Service for Snowball Edge
Amazon has released Amazon Elastic Kubernetes Service (EKS) Anywhere on Snow. This release automates the creation and management of EKS clusters on AWS Snowball Edge devices. These devices are able to run with or without an internet connection.
-
How Yahoo Secures Their Software Supply Chain at Scale: CloudNativeSecurityCon 2023
At CloudNativeSecrityCon 2023 in Seattle, WA, Hamil Kadakia and Yonghe Zhao, software engineers at Yahoo’s security team, presented on securing Software Supply Chain at Scale, and how to put together policies to safeguard against Supply Chain attacks.
-
AWS Releases New Graviton3-Based General Purpose (m7g) and Memory-Optimized (r7g) EC2 Instances
Amazon Web Services (AWS) has announced the release of new Graviton3-based General Purpose (m7g) and Memory-Optimized (r7g) Amazon EC2 instances, providing customers with enhanced performance and cost savings.
-
AWS Creates New Policy-Based Access Control Language Cedar
AWS has created a new language for defining access permissions using policies called Cedar. Cedar is currently used within Amazon Verified Permissions and AWS Verified Access. Created by the AWS Automated Reasoning Group, Cedar is designed to be agnostic of AWS and simple to understand the effects of policies.
-
AWS Publishes Reference Architecture and Implementations for Deployment Pipelines
AWS recently released a reference architecture and a set of reference implementations for deployment pipelines. The recommended architectural patterns are based on best practices and lessons collected at Amazon and customer projects.
-
New CloudWatch Metrics for AWS Lambda Asynchronous Invocations
AWS recently added three new Amazon CloudWatch metrics for AWS Lambda: AsyncEventsReceived, AsyncEventAge, and AsyncEventsDropped, to monitor the performance of asynchronous event processing.
-
Faster Startup Time and Lower Memory Usage: New CRT HTTP Client in AWS SDK for Java
AWS recently announced the general availability of the Common Runtime (CRT) HTTP Client in the AWS SDK for Java 2.x. The new asynchronous client provides faster SDK startup time and a smaller memory footprint improving Lambda serverless workloads.
-
Google Adds New Pricing Model to Its Security Command Center
Google recently announced several new updates to its Security Command Center (SCC) with a pay-as-you-go pricing model and two capabilities: deployments at the project level and self-service activation.
-
Software Supply Chain Framework OSC&R Created to Help Mitigate Security Threats
In collaboration with companies including Google, Microsoft, and GitLab, OX Security has released a security framework for assessing and evaluating software supply chain security risks. The Open Software Supply Chain Attack Reference (OSC&R) is a MITRE-like framework covering containers, open-source software, secrets hygiene, and CI/CD posture.
-
Containerd Adds Support for a New Container Type: Wasm Containers
The runwasi project, written in Rust, became an official contained project, which enables containerd to support a new container type: Wasm (or WebAssembly) containers.