|
🔗 Stories, Tutorials & Articles |
|
|
|
3 Essential Tips for Adopting DevSecOps |
|
|
Implementing processes to make it less painful is key to integrating cloud security into DevOps. Automate as much as you can. Start small, then evolve. |
|
|
|
|
|
|
Before an attacker discovers your cloud, be aware of the endpoints you have exposed to the internet. |
|
|
Attackers constantly scan internet endpoints for susceptible services to access and breach. Once a public IP becomes active, keep in mind that attackers and different search engines starts to crawl it. It’s always a good idea to keep track of which endpoints on your cloud are accessible via the internet and audit those endpoints on a regular basis before a compromise becomes inevitable. VPC services on GCP provide networking functionality to a variety of services such as VM/Kube services, CloudSQL, load balancers, and so on, which can be used to run services with attaching an external IP address to expose on the internet. GCP helps with tracking/visibility with all lists of external addresses used on the project aligning with respective resources. In this article, see how you can leverage the available service and APIs for same to find the services the one which is exposed to the internet on the same. |
|
|
|
|
|
|
The Security Design of the AWS Nitro System ✅ |
|
|
Amazon EC2 is a web service that provides secure, resizable compute capacity in the cloud. It is designed to make web-scale cloud computing easier for developers. The AWS Nitro System is the underlying platform for all modern EC2 instances. This whitepaper provides a detailed description of the security design of the Nitro System to assist you in evaluating EC2 for your sensitive workloads. |
|
|
|
|
|
|
Data Breaches of 2022 and How They Could Have Been Prevented |
|
|
Despite our best efforts, cybersecurity continues to lag behind the creativity of cyber criminals. As we become more interconnected, the potential for a devastating data breach only grows. In 2022, there have been several major data breaches that remind us of the importance of proper security precautions. |
|
|
|
|
|
|
GCP Cloud Asset Inventory Feed : Get real time notifications on Resource Changes |
|
|
The Cloud Asset Inventory keeps track of your GCP resources over time. This database keeps a history of 5 weeks of metadata around each asset in the inventory and lets you query your inventory at any particular time instant. In this article, you will see how we can subscribe to the real time notifications for changes in your assets and get an alert when a Google Compute Engine Instance with Public IP is created. |
|
|
|
|
|
|
5 steps to help make your software supply chain more secure |
|
|
From our new report on supply chain security vulnerabilities, CISO Phil Venables offers five tips on how Google Cloud can help secure your software. |
|
|
|
|