The VMworld 2016 conference in Las Vegas, Nevada, gave a great deal of attention to both NSX and security this year. While walking around the Solution Exchange floor, I had the opportunity to stop and talk with Tufin about its Tufin Orchestration Suite, which orchestrates security polices across complex, hybrid cloud, and physical environments.
In a recent Twitter conversation, I asked if serverless is anything new, and if so, where are the documents expressing what is new about it. I was asked in reply if I needed a document to understand the difference between Uber …
A big part of the secure hybrid cloud is the need for multi-tenant analytics to determine when security events and compliance issues happen. However, analytics cover many different aspects of security within the hybrid cloud from being a control point for compliance to handling vulnerability scanning. What are the requirements for multi-tenant analytics?
There is a dilemma for all tenants of a public or private cloud: Scope. For the tenant, they want everything to be in scope. For the Cloud Service Provider (CSP) they want to limit scope to the bare minimum. What does it mean for a Cloud to be ‘PCI Compliant’ and why is this a requirement for some tenants. The real issue, is what is in scope for PCI-DSS while your data is in the cloud and how can you as the tenant meet those requirements.
We recently moved workloads to the public cloud and the public cloud reality does not match the hype, nor does it match the application security requirements of a small or even large organization.
Rightscale has been running into a problem with the simplest of auditing requirements: how to know when someone has logged in. This problem spans nearly all their 100s of SaaS providers used to run their business. Where is the ability to do SaaS Auditing?