Providing Insight Into the Cloud Computing Security, Privacy and Related Threats

Cloud Security Journal

Subscribe to Cloud Security Journal : eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get Cloud Security Journal : homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories

Gartner says by 2020, a corporate "No-Cloud" Policy will be as rare as a "No-Internet" policy is today and specifically the Infrastructure as a Service (IaaS) market is projected to continue to grow more than 25 percent per year through 2019. This surge in cloud adoption also represents a huge shift in cloud spending by IT organizations, directly or indirectly affecting more than $1 trillion dollars in Cloud IT purchases by 2020, according to Gartner. Of course, not every enterprise app and data bit will move fully to the cloud. To quote yet another study - this one by North Bridge Venture Partners and GigaOM Research - many of these deployments will be hybrid in nature. For enterprises and smaller organizations alike, it's essential to build a cloud strategy that adopts public and private cloud resources, on-premise systems, containers, and more. Research confirms... (more)

Cloud Expo, Inc. Names Carmen Gonzalez CEO

SYS-CON announced today that "Cloud Expo, Inc." has spun out of SYS-CON Events, Inc. as a startup events management company which produces and presents Cloud Expo (TM) events worldwide. Cloud Expo, Inc. launched Cloud Expo (TM) events in 2007, and currently producing Cloud Expo East, Cloud Expo West, Cloud Expo Europe, Cloud Expo Tokyo, Cloud Expo Prague, Cloud Expo Hong Kong, and Cloud Expo Sao Paolo. All Cloud Expo marks and trademarks are registered trademarks of Cloud Expo, Inc. worldwide. Carmen Gonzalez was named CEO of Cloud Expo, Inc. Carmen served as the co-founder, president, and chief operating officer of SYS-CON Media since 1994. In this capacity, Carmen was in charge of SYS-CON's sales and marketing functions. Under her leadership, the company was named by Inc 500 among the fastest-growing 500 privately held companies in North America three years in a... (more)

API Security: OWASP 2017 RC1 Gets It Right | @CloudExpo #API #SOA #Microservices

API Security has finally entered our security zeitgeist. OWASP Top 10 2017 - RC1 recognized API Security as a first class citizen by adding it as number 10, or A-10 on its list of web application vulnerabilities. We believe this is just the start. The attack surface area offered by API is orders or magnitude larger than any other attack surface area. Consider the fact the APIs expose cloud services, internal databases, application and even legacy mainframes over the internet. What could go wrong? API Security has been added to OWASP Top 10 2017 - RC1. This is a commendable step taken by the web application security thought leaders and is a clear indication of where the industry is heading. Security professionals have all the tools and awareness to fence in applications, databases and legacy systems through firewalls. OWASP has served the security professionals well... (more)

API Security - SD Times Review of OWASP Top 10 - RC1

API Security has finally made it into mainstream security consciousness. The premiere web application security OWASP Top 10 Threats has published its Release Candidate 1 (RC 1). SD Times provided a comprehensive overview on the implications of including API Security as a part of OWASP Top 10 2017 - RC1. Here's an excerpt for SD Times article: The next major addition is Underprotected APIs, since the use of APIs has exploded in modern software, said Williams. There are a variety of protocols and data formats used by these APIs, including SOAP/XML, REST/JSON, RPC, GWT, and others. It’s important to note that these APIs are often unprotected, and they contain numerous vulnerabilities, said Williams. He also added that these APIs represent a “major blind spot” for security programs in organizations, and OWASP is helping to refocus teams on this expanding problem.“To me,... (more)

Industry Experts Discuss the State of Cloud Computing

Cloud Computing Expo on Ulitzer "With cloud computing, price to deploy applications goes through the floor while flexibility to scale those applications goes through the ceiling!" says WaveMaker CEO Chris Keene, in this lively round-up of CEO and CTO opinions to get a sense of The State of Cloud Computing compiled and published by Conference Chair Jeremy Geelan. 4th International Cloud Computing Conference & Expo is taking place this week at the Santa Clara Convention Center (November 2-4, 2009). Keene's take on what's driving Cloud Computing enterprise-wise is just one of several high-profile contributions. Those contributing to Geelan's impromptu survey include: RightScale CEO Michael Crandell; the Chairman & CEO of WaveMaker, Chris Keene; the CTO of GigaSpaces, Nati Shalom; Lew Cirne, Founder & CEO of New Relic; Mitchell Kertzman of Hummer Winblad Venture Partne... (more)

4th International Cloud Expo: Photo Album

Cloud Computing Expo on Ulitzer SYS-CON's 4th International Cloud Computing Conference & Expo, held on November 2 - 4, 2009, in Santa Clara, attracted more than 40 sponsors with over 2,000 delegates, a record attendance. The three content-packed days emphasized value with a rich array of sessions led by exceptional speakers about the business and technical value of cloud computing. Enjoy here our photo album of the show. Now held three times a year -- in New York, Prague, and Santa Clara -- the Cloud Computing Conference & Expo series is the fastest-growing Enterprise IT event in the past 10 years, devoted to every aspect of delivering massively scalable enterprise IT as a service. The event in Santa Clara, CA, was co-located with our 7th International Virtualization Conference & Expo. Cloud Computing Expo 2010 East to Attract More Than 5,000 Delegates from ... (more)

The Top 250 Players in the Cloud Computing Ecosystem

In the run-up to the next Cloud Expo, 7th Cloud Expo (November 1–4, 2010) being held at the Santa Clara Convention Center in Silicon Valley, it's time to give my earlier list a complete overhaul. Here, accordingly, is an expanded list of the most active players in the Cloud Ecosystem. I have increased it from the 'mere' 150 I identified back in January of this year, to 250, testimony – as if any were needed! – to the fierce and continuing growth of the "Elastic IT" paradigm throughout the world of enterprise computing. Editorial note: The words in quotation marks used to describe the various services and solutions in this round-up are in every case taken from the Web sites of the companies themselves. Omissions to this Top 250 list should be sent to me via Twitter (twitter.com/jg21) and I will endeavor to include them in any future revision of this newly expanded rou... (more)

Fusion to Exhibit at @CloudExpo | @FusionConnectSM #DigitalTransformation

SYS-CON Events announced today that Fusion, a leading provider of cloud services, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Fusion, a leading provider of integrated cloud solutions to small, medium and large businesses, is the industry's single source for the cloud. Fusion's advanced, proprietary cloud service platform enables the integration of leading edge solutions in the cloud, including cloud communications, cloud connectivity, and cloud computing. Fusion's innovative, yet proven cloud solutions lower customers' cost of ownership, and deliver new levels of security, flexibility, scalability, and speed of deployment. For more information, please visit www.fusionconnect.com. @ThingsExpo - The World's Largest 'Internet of Things' Event, June 7-9 2016 at New York Ci... (more)

Hybrid Cloud Security | @CloudExpo @Cavirin #API #SDN #AI #DX #DataCenter

According to a recent Gartner study, by 2020, it will be unlikelythat any enterprise will have a "no cloud" policy, and hybrid will be the most common use of the cloud. While the benefits of leveraging public cloud infrastructures are well understood, the desire to keep critical workloads and data on-premise in the private data center still remains. For enterprises, the hybrid cloud provides a best of both worlds solution. However, the leading factor that determines the preference to the hybrid cloud, among other things, is "security." Moreover, as the growth of the public cloud infrastructure continues, it is not hard to observe two key directions of focus by the cloud providers, namely: The geographical expansiveness of their public cloud infrastructure to grow the number of availability zones The richness of their services catalog to ensure cloud adopters are n... (more)

Cloud People: A Who's Who of Cloud Computing

Behind every cloud service or cloud-based solution, there are real people... A robust ecosystem of solutions providers has emerged around cloud computing. But who are the CEOs & CTOs behind those providers, who are the internal and external entrepreneurs driving companies involved in the Cloud, who are the leading engineers, developers, analysts, researchers, marketing professionals, authors...who, in short, are the people behind the cloud? This list will be updated weekly between now and November 4-7, 2013, when 13th Cloud Expo | Cloud Expo Silicon Valley opens its doors in the Santa Clara Convention Center, in the heart of California's Silicon Valley. Here are some highly prominent "Cloud People" to kick off with... RANDY BIAS | @randybias "Randy Bias is visionary. He sees things others don't." [Emphasis added.] That is how Mårten Mickos puts it, as succinctly as ever.... (more)

NASA's NEBULA Space Cloud Computing Platform Launches

Earlier this week NASA took the wraps off a new Cloud Computing platform called NEBULA, or what I'm calling the (Space Cloud). Described as a way to manage research-class computing capacity. NASA describes NEBULA as "a Cloud Computing environment integrating a set of open-source components into a seamless, self-service platform." I found the location of the Space Cloud particularly interesting, The primary NEBULA data center is at Ames Research Center, in the Ames Internet Exchange (AIX). AIX was formerly "Mae West", one of the original nodes of the Internet, and is still a major peering location for Tier 1 ISPs, as well as being the home of the "E" root name servers. Basically you can't find a better location to put a cloud then the birth place of the internet. NASA also put out a request for "Computonauts" through the TESS Community Observer program which will allow... (more)