Welcome to above the clouds

GCP – Peer reviewed ‘allow’ and ‘deny’ software installation decisions to enable scalable protection
Among the controls any IT organization needs to have firmly in place, nothing ranks higher than blocking malware. As opposed to a “default allow” policy, which blocks only known bad software, the safer way to do that is through a “default deny” policy that blocks everything except allowed software. The obvious difficulty is that the […]

AWS – Amazon VPC Flow Logs now reflects AWS Service name, Traffic Path and Flow Direction
You can now add four additional metadata fields in your Amazon Virtual Private Cloud (Amazon VPC) flow logs, namely flow-direction, traffic-path, pkt-src-aws-service and pkt-dst-aws-service. With these enriched fields you can derive insights into the AWS services that your workloads are communicating with, differentiate between ingress and egress traffic flows and identify the next hop of […]

AWS – Amazon Elastic File System (Amazon EFS) is now available in the AWS Asia Pacific (Osaka) region
Customers in the AWS Asia Pacific (Osaka) Region can now use Amazon Elastic File System (Amazon EFS).

GCP – Reducing risk through credit card fraud detection
Practically every company relies on credit card transactions to fuel their business and facilitate the exchange of funds. In fact, many companies, especially those with digitally focused missions, now only accept credit card payments. This market saturation has attracted a wave of bad actors looking to use the credit card momentum to their advantage. Global […]

Azure – Azure trusted launch for Virtual Machines now in public preview
Azure offers trusted launch as a seamless way to bolster the security of Generation 2 VMs. Designed to protect against boot kits, rootkits, and kernel-level malware, trusted launch is comprised of secure boot, virtual trusted platform module (vTPM), and boot integrity monitoring.

GCP – Inventory management with BigQuery and Cloud Run
Many people think of Cloud Run just as a way of hosting websites. Cloud Run is great at that, but there’s so much more you can do with it. Here we’ll explore how you can use Cloud Run and BigQuery together to create an inventory management system. I’m using a subset of the Iowa Liquor […]

Azure – Automatic VM guest patching is now in public preview for Linux VMs
Automatic VM guest patching provides safe and automatic patching for virtual machines to simplify update management and maintain security compliance.

GCP – Managing cloud firewalls at scale with new Hierarchical Firewall Policies
Following up our previous blog post, we are excited to announce that hierarchical firewalls are generally available. Google Cloud’s hierarchical firewall policies provide new, flexible levels of control so that you can benefit from centralized control at the organization and folder level, while safely delegating more granular control within a project to the project owner. […]

Azure – General availability: Azure API Management now has named values integration with Azure Key Vault
API Management’s named values can now be stored and managed in Azure Key Vault.

Azure – Azure API Management extension for Visual Studio Code now generally available
Perform common management operations on your Azure API Management service instances without switching away from Visual Studio Code.