Tech Brief Video Series – Cloud Security

Hello, I have created a “Cloud Security Tech Brief” Series. Kindly click on the links to view the videos. I’m trying out a couple of videos styles.

Cloud Security A – Cloud Security – Cloud Pyramid – > https://youtu.be/zmsOvjEQMaA

“Clouds operate under different service models – Infrastructure of a service IaaS, Platform of a service PaaS and Software of a Service SaaS service models. These service models provide different abstraction layers to the consumer and as a result offer different security requirements to the consumer. Public Cloud Providers are not a single type and A generic evaluation of security cannot be generalized amongst all of them. In the case of Infrastructure of a service, the computing resource provided is specifically that of virtualized hardware. Examples include Rackspace, Amazon Web Services (AWS), Microsoft Azure, Google Compute Engine (GCE)”

Cloud Security B – Cloud Security – CloudBleed – > https://youtu.be/o6VeTUiNI_w

“The following security incidents – CodeSpace, Ashley Madison, iCloud Leak, and Leak Pass were at the application layer and not the fault of the clouds providers infrastructure. Apart from Cloudbleed which was a bug was affecting a popular CDN providers Reverse Proxies/Edge nodes. This security bug was definitely a cloud vulnerability & the CDN providers infrastructure was at fault. The CloudBleed Bug was a RAM Leak which caused the CDN reverse proxy servers to run past the end of a buffer and return memory that contained private information during HTTP requests.”

Cloud Security C – Cloud Security – Hypervisor Vulnerabilities – >https://youtu.be/cW2i2ONSqAs

“The cloud is a technology that combines resources such as CPU, Hard Disk Drive, Network Interface Cards, Bandwidth and places them into a virtualization pool for consumers to use as required. Virtualization and orchestration are key components to the cloud. The virtualization side of things is carried by what is known as the hypervisor. And it is this abstraction layer created by the hypervisor that allows the sharing of the system’s physical resources.”

Cloud Security D – Cloud Security – Secure Web Gateway – > https://youtu.be/t2txQPKaNAE

“The increase of zero-days attacks, automatic botnets spreading and malicious threats hiding in SSL traffic has resulted in a web security model that is broken. One precaution you can take is to implement a Secure Web Gateway (SWG) either as a cloud-based or on-premise device. A Secure Web Gateway is a security solution that filters unwanted traffic enforcing a range of security policies. SWGs are implemented as both an on-premises hardware or virtualized appliance or cloud-based. They may also be deployed in a hybrid mode which combines on-premises appliances and cloud-based services.”

Cloud Security E – Cloud Security – Introducing Tokenization – > https://youtu.be/qfjWXruxdxI

“We have a number of ways to secure data and tokenization is one them. Others include encryption with either provider managed keys or customer BYOK. We also have different application layer encryption. Tokenization is a way to keep data secure while making online paying easier. It involves the replacement of for example credit card numbers by a surrogate number or “token” and then either centralizing or outsourcing the card data to a 3rd party. The transaction gets passed to a 3rd party payment service provider and then to the acquiring bank that provides the merchant account and finally to the issuing bank to supplies the actual CC or DC. The issuing bank could be for example VISA which then responds back with payment confirmation.”

More Videos to come!!

Additional Cloud Security information can be found at the following:

 

About Matt Conran

Matt Conran has created 172 entries.

Leave a Reply