Posts Tagged ‘ CloudAudit ’

Software Defined Security: Is it Achievable?

August 8, 2012
By
VirtualizationSecurity

Cloud based security is about securing the data, yet compliance requirements are often about securing the environment, such as PCI's requirement for web application firewalls, which protect web servers and perhaps applications and imply protection of data. But they do not directly protect data. How can a Software Defined Data Center implement a form of…

Read more »

Offering Cloud Services: Why is it so Limited?

May 8, 2012
By
CloudComputing

There are many SaaS and Security SaaS cloud services out there, but they all lack one thing: full visibility. Why do these cloud offerings limit the ability to perform compliance auditing, forensics, and basic auditing against an organizations data retention, protection, and other necessary policies? Why not just grant the "right to audit", or better…

Read more »

Mitre – Two New Tools to Help with PaaS and Risk Assessment

August 15, 2011
By

On the 7/28 Virtualization Security Podcast, we were joined by Robert Martin of Mitre to discuss Mitre's new CWE, CWSS, and CWRAF tools to aid in software and system security evaluation. We put a decidedly cloud based discussion around these tools to determine how they would be used by those that program within a PaaS…

Read more »

Improving PaaS Security: Get your Developers Involved

June 23, 2011
By

The 6/16 Virtualization Security Podcast started as a twitter conversation with a comment about PaaS Security where James Urquhart, Krishnan Subramanian, Rich Miller, and myself went back and forth about PaaS security and the role of the developer. It was not quite a DevOps conversation but pretty close. Rich could not join us on this…

Read more »

Featured Solutions