Last year, Trend Micro launched our popular Deep Security as a Service offering on the AWS Marketplace, combining industry-leading threat protection for cloud workloads, effortless deployment, and the added bonus of a unified Amazon Web Services (AWS) bill. This has been a successful model for customers wanting to purchase workload protection directly, however the reality…
Read More
Working in Microsoft Azure is exciting. Nowhere was this more evident than at TechEd 2014 – a whirlwind of new features, techniques and designs. Vibhor Kappor has a great summary up on the Azure blog that will help get you up to speed. While you’re reading the announcements, it’s important to keep in mind how security on…
Read MoreAWS re:Invent This year, AWS re:Invent is once again being held in Las Vegas (12–15-Nov-2013). The 4 day conference focuses on all things AWS and the schedule is packed with talks, bootcamps, hands-on labs, and other events. If you didn’t attend last year, you can check out the videos online to get a feel for the…
Read MoreIf you still believe that your systems management consoles should be running on servers in your data center, you’re definitely from the pre-cloud era. Even if you believe your systems management and security consoles should be running on infrastructure as a service instances you control, you’re also out of date. The evidence is in, and…
Read MoreOver the past weeks we have been reviewing the top 10 tips for securing instances running on Amazon Web Services. We walked through the critical controls as part of the AWS shared security model. As noted in these tips, host-based security capabilities such as intrusion detection and prevention, anti-malware, and integrity monitoring are critical for…
Read MoreIn last week’s post, we gave a high level overview of vulnerability assessments. This type of assessment results in a prioritized list of vulnerabilities in your deployment. It’s an excellent first step in knowing the state of your deployment. The next step you should take is to conduct a penetration test. The Test A penetration…
Read MoreSo far in this series, Justin and I have provided tips for securing the foundations of your AWS deployment. Taken together, these tips work to reduce the overall attack surface—the area exposed to the outside world—of your application. Now it’s time to add the next layer of controls to you application, starting with a host-based…
Read MoreLast week, Justin covered some of the high level issues around AMI development. This week, we’re going to take a look at how to protect the guest operating system running on your EC2 and VPC instances. AWS Recommendations AWS had published quite a few papers around their services. AWS Security Best Practices [PDF] and AWS Risk and…
Read MoreIn last week’s post, Protecting your resources with AWS Identity and Access Management, Justin covered the basics of AWS Identity Access Management (IAM). This week, we’re going to take a look at password policies and multi-factor authentication using IAM. Password Policies The value of a strong passwords is well known. Most organizations already have a password…
Read MoreOver the next several weeks, we will be discussing best practices for securing your Amazon Web Services (AWS) environment. Before we dive into securing your instances, applications and data, we have to start from the top. As part of the AWS shared responsibility security model, consumers of AWS play a significant role in securing their…
Read More
