Cloud Security Monitoring!
How exciting is that? You combine 3 non-specific words – cloud, security, monitoring – and you get … what exactly? Let’s find out! This quarter my research focuses on cloud security monitoring and...
View ArticleMore On Security Monitoring of Public Cloud Assets
This post is not a whine about how security in public cloud environments is lagging behind the traditional physical environments. There is nothing here to whine about since our experience with other IT...
View ArticleCloud Security Monitoring for IaaS, PaaS, SaaS
My journey deep into cloud security monitoring continues, with a brief detour into “faith-based monitoring” (as in “we believe our cloud provider takes care of monitoring“). In any case, let’s try to...
View ArticleCloud Security Monitoring: IaaS Conundrum
As you learned from my previous posts related to security monitoring of public cloud assets, there are challenges related to monitoring data availability as well as data interpretation. IaaS...
View ArticleCloud IS Different: So Monitoring Must Be Different?
I’m tired of hearing quotes like “cloud is completely different from traditional IT” as well as those that say “cloud is just like outsourcing, mainframes, etc.” Those who like the former quote will...
View ArticleClik here to view.
Is Cloud Secure? WTFC!
“Is cloud secure?” Seriously, why are you asking this? Ask: is MY USE of cloud computing secure? Or, if you want to be a bit fancy, you can add “… secure enough for my purposes?” Do ask “is my...
View ArticleCloud Security Monitoring: The “Who” Question
Another inherently “annoying” feature of security monitoring (apart from its “ongoing, need-to-do-it-forever” nature) is that somebody must actually do it. Yes, the dreaded “who will do the monitoring...
View ArticleMy Cloud Security Monitoring Paper Publishes!
“Security Monitoring of Public Cloud Assets” paper is up on the Gartner site – go and grab it there. Abstract follows below: “Cloud computing is changing the way enterprises use IT. Security...
View ArticleWebinar on Security Monitoring of Public Cloud Assets
Topic: “Security Monitoring of Your Public Cloud Assets” Date: 21 June 2012 Time: 10:00 AM EDT | 1:00 PM EDT Register: http://my.gartner.com/webinardetail/resId=2019317 Abstract: “Cloud security...
View ArticleClik here to view.
Finally, PCI DSS In The Cloud Guidance
As all of you already know, PCI Council has finally released an official “Information Supplement: PCI DSS Cloud Computing Guidelines” [PDF] aka “PCI DSS in the cloud.” Here are some of my favorite...
View ArticleCloud Security Monitoring … Revisited (aka It Is Not 2012 Anymore!)
My next project, now that I am done with security analytics for now, is to revisit our cloud security monitoring work. Specifically, some of you remember my 2012 (!) paper “Security Monitoring of...
View ArticleClik here to view.
Once More on Cloud SIEM or SaaS SIEM
A reminder: cloud SIEM (“SaaS SIEM”) does not really exist yet [so, those who compute market share numbers for it are simply deluded]. However, today there are some “almost SaaS SIEM” products on the...
View ArticleTrouble In The Cloud?!
What challenges does the usage of traditional, on-premise security tools [monitoring tools, like SIEM or DLP, in particular] creates in the cloud [SaaS, PaaS, IaaS models]? Here are some I’ve come...
View ArticleMy “How to Monitor the Security of Public Cloud Resources” Publishes
My “How to Monitor the Security of Public Cloud Resources” paper just went up on the Gartner site. It is an update of the work I’ve done back in 2012 to identify the architectural approaches for...
View ArticleMy Cloud Security Monitoring Paper Publishes!
“Security Monitoring of Public Cloud Assets” paper is up on the Gartner site – go and grab it there. Abstract follows below: “Cloud computing is changing the way enterprises use IT. Security...
View ArticleWebinar on Security Monitoring of Public Cloud Assets
Topic: “Security Monitoring of Your Public Cloud Assets” Date: 21 June 2012 Time: 10:00 AM EDT | 1:00 PM EDT Register: http://my.gartner.com/webinardetail/resId=2019317 Abstract: “Cloud security...
View ArticleClik here to view.
Finally, PCI DSS In The Cloud Guidance
As all of you already know, PCI Council has finally released an official “Information Supplement: PCI DSS Cloud Computing Guidelines” [PDF] aka “PCI DSS in the cloud.” Here are some of my favorite...
View ArticleCloud Security Monitoring … Revisited (aka It Is Not 2012 Anymore!)
My next project, now that I am done with security analytics for now, is to revisit our cloud security monitoring work. Specifically, some of you remember my 2012 (!) paper “Security Monitoring of...
View ArticleClik here to view.
Once More on Cloud SIEM or SaaS SIEM
A reminder: cloud SIEM (“SaaS SIEM”) does not really exist yet [so, those who compute market share numbers for it are simply deluded]. However, today there are some “almost SaaS SIEM” products on the...
View ArticleTrouble In The Cloud?!
What challenges does the usage of traditional, on-premise security tools [monitoring tools, like SIEM or DLP, in particular] creates in the cloud [SaaS, PaaS, IaaS models]? Here are some I’ve come...
View Article
