Trend Micro - Cloud Security BlogAWS re:Invent This year, AWS re:Invent is once again being held in Las Vegas (12–15-Nov-2013). The 4 day conference focuses on all things AWS and the schedule is packed with talks, bootcamps, hands-on labs, and other events. If you didn’t attend last year, you can check out the videos online to get a feel for the […]
Trend Micro - Cloud Security BlogOver the past four years, many things have changed in our Cloud Security Blog has been online – largely because of the evolution of the industry. No longer are we encountering “cloud confusion,” as a couple of our earlier blog posts on cloud-based security and threats from the cloud discussed. The “Cloud” and security within [...]
PART 2: The Challenges and Benefits of Virtualized Environments for Midsize Businesses: A VMware and Trend Micro Q&ATrend Micro - Cloud Security Blog[NOTE: This Post was continued from Part 1 at VMware SMB Blog] According to Gartner, midsize businesses account for nearly 40 percent of U.S. server sales. Unlike large enterprises, these organizations have fewer resources to support the deployment and maintenance of new servers in existing IT environments. With the goal of optimizing their entire IT infrastructure, midsize [...]
Trend Micro - Cloud Security BlogThe Cloud Security Alliance recently released a white paper on cloud computing vulnerability incidents spanning the last five years. They looked at more than 11 thousand news articles regarding cloud computing-related incidents to determine the top reasons behind outages. Did you know 64 percent of the outages can be attributed to one of three causes: Insecure Interfaces [...]
Trend Micro - Cloud Security BlogIf you still believe that your systems management consoles should be running on servers in your data center, you’re definitely from the pre-cloud era. Even if you believe your systems management and security consoles should be running on infrastructure as a service instances you control, you’re also out of date. The evidence is in, and [...]
Trend Micro - Cloud Security BlogOver the past weeks we have been reviewing the top 10 tips for securing instances running on Amazon Web Services. We walked through the critical controls as part of the AWS shared security model. As noted in these tips, host-based security capabilities such as intrusion detection and prevention, anti-malware, and integrity monitoring are critical for [...]
Trend Micro - Cloud Security BlogAmazon Web Services did it again. Its new service, OpsWorks, is an application management service with the ability to manage applications of any scale or complexity in the AWS cloud. This integrated system manages resource provisioning, configuration management, application deployment, software updates, and monitoring and access control. The service is another offering from the leader in [...]
Trend Micro - Cloud Security BlogIn last week’s post, we gave a high level overview of vulnerability assessments. This type of assessment results in a prioritized list of vulnerabilities in your deployment. It’s an excellent first step in knowing the state of your deployment. The next step you should take is to conduct a penetration test. The Test A penetration [...]
Trend Micro - Cloud Security BlogAs a Product Marketing Manager for Trend Micro™ Worry-Free™ Business Security Services, I hear a lot of objections about the product, and in particular, a lot of cloud-related fears. Some examples of things I hear from customers and partners are: “I wouldn’t be secure if my Internet connection went down.” “I don’t want to put [...]
Trend Micro - Cloud Security BlogIn this series, Mark and I have talked about hardening your AWS resources (both inside and outside of your instances) and preforming ongoing monitoring. The last two tips are around measuring your overall security so that you can understand your risks and measure your progress. It may be an old adage but it still rings true… [...]
Sign up now »
Clearswift SECURE Email Gateway is an effective and resilient email gateway for 50 to 50,000 users.
Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.