Tag Archives: Cloud Security

TLS 1.3 Released: Most secure Web based communication protocol – Now Available

Just saw the tweet… IETF finally released the long-awaited TLS 1.3 version of the secure Web communication, considered to be the most secure protocol specification that assures high-degree of security, privacy and also faster performance compared to its predecessor TLS 1.2. The most compelling features of TLS 1.3 : More secure, removed out-dated algorithms previously had known vulnerabilities from TLS cipher… Read more »

TLS 1.3 Approved – Let’s get ready for much faster and secure HTTPS connections !

It’s been few years now, the IETF’s TLS 1.3 standardization effort always looked like a never-ending story. Glad to note the wait is over. After 28 drafts for review, last week IETF finally ratified TLS 1.3 as an approved standard.  Indeed, TLS 1.3 promises significantly faster SSL/TLS performance and a much secure communication protocol standard ever before!  It also brings a radical change… Read more »

Encryption and Key Management in AWS – Comparing KMS vs. CloudHSM

A secure data protection using encryption depends more on secure key management processes than the encryption itself. Although enabling encryption looks quite trivial, managing the underlying Key management lifecycle processes and handling the associated cryptographic operations always been a daunting challenge! The challenges are too many till we really know..beginning from key generation and issuance, key ownership, key usage, privileged… Read more »

Post-Quantum Cryptography (PQC) – Future proofing for quantum-safe encryption !

Everything is hackable! During the RSA Conference 2017 Crypto panel, Prof. Shamir (the letter “S” in the RSA) said, “I think there is a higher chance that RSA could be broken by a mathematical attack.” and he also wondered to note “Quantum Computers” will be a reality soon! That said, the evolution of practical quantum computers are not far away, according… Read more »

Application Container Security Guidance from NIST (Docker Containers)

NIST released an Application Container Security publication (SP 800-190), which delves into the major security risks and concerns related to Container images, registries, OS, orchestration, network isolation. It also presents a long-list of proactive countermeasures and mitigation recommendations for the known risks and example scenarios on how to address container security threats with the recommended countermeasures.  Although it is a quite… Read more »

Automating Security and Compliance Assessments using SCAP – On-demand Scanning and Compliance Reporting with Remediation

Manually assessing security controls, host and application configuration, access control policies, software patch levels and creating on-demand compliance readiness reports has always been a daunting task, especially when it is critical to adhere standards and regulatory mandates.  Not only those processes are very time consuming and they are also highly prone to human errors.  It becomes even more complicated when… Read more »

Data Protection Strategies for Oracle SuperCluster Private Cloud Deployments..

Few weeks ago, a few folks in the SuperCluster community have reached out to me to share information on the Data protection strategies on SuperCluster that we incorporated them for “Secure Multitenancy” deployments. It’s not an easy exercise as we published it as a Cookbook for customers. However, I’d like to share the critical aspects of Data protection that can be… Read more »