Category
Cloud Compliance and Security
In Depth: AWS Shared Security Model
AWS Shared Security Model - Slideshare presentation brought to you by the AWS cloud guys. The presentation gives a nice basic overview of AWS security, including the “Shared responsibility model”, features and products. If you are new to AWS, this is a must in order to quickly understand what the public cloud vendor’s expectations are, and it will support your plans to move to and utilize the public cloud while outsourcing part of your IT security.
AWS Has Accepted Newvem as an AWS Partner Network (APN)
Newvem received Amazon’s acceptance to its Technology Partner Network – one of the most prestigious closed cloud networks. The cloud community at large can now accept Newvem as the premier leader in enhancing cloud usage effectiveness through data analytics.
The 5 Biggest Security Mistakes Users Make in Amazon’s Cloud
The following article was posted on GigaOm and was based on our analysis and the cloud security insights that Newvem’s big data engine reveals. In this article, you will find 5 important pieces of low-hanging fruit that you should recognize in order to keep your Amazon cloud account secure. If you are a user of Amazon cloud services, we invite you to connect your AWS cloud account to our non-intrusive service in order to know your cloud and learn more, not only about your AWS security, but also about money that you’re wasting, points of failure (POFs) and poor performance yields.
Unnecessary Security Groups Ports are open on DB Server
We have noticed that at least one unnecessary port is open on your DB server, meaning that your DB server is potentially vulnerable. Typically this issue occurs when using the same security groups to secure DB and non-DB servers. We suggest setting security groups specifically for the DB server and limiting access to recommended DB-related ports only.
IP Ports are open to all Internal AWS Servers
We have found that you have at least one of your security groups’ IP ports open to all internal AWS servers. This can potentially make some of your servers vulnerable. This issue can occur if one of your security groups was configured to allow access to the following IP range - 10.0.0.1/8.
We suggest limiting access of internal AWS servers to these open ports in one of the following ways:
- IP Address: Limit access to a specific IP address of an instance that is yours (e.g. 10.17.48.156/32)
- Security Group: Limit access to a certain security group, i.e. use another security group’s rules to limit access (e.g. sg-3c02c053).
Open IP ports
Newvem monitors your security groups’ ports, and notifies you if it finds that at least one of them is currently open to all IP addresses. An open IP port may mean that some servers are exposed to access from any IP address worldwide, making them vulnerable. We suggest that you reduce the number of open ports to a minimum, limiting access from the outside world only to web-facing services, for example port 80 for HTTP and port 443 for HTTPS.
Cloud Security: Basics
Cloud providers consolidate access to many consumers’ data, or should we say victims’ data, into a single point of (hacking) entry. Recently, the major popular clouds have increasingly become the focus of attacks by hackers. IT organizations may think that their legal liability can be outsourced, but this is a total misconception. The contract with the IaaS vendor includes security obligations; however, it does not negate the liability of the software vendor as the responsible party. So rather than focusing on contracts and limiting liability in cloud services deals, the SaaS vendor must focus on controls and auditability.
Availability: Story of The Inevitable Outage of the Cloud
Traditionally, delivering high availability often meant replicating everything. However, today, with the option of going to the cloud, we can say that providing two of everything is costly. High availability should be planned and achieved at several different levels, including the software, the data center and geographic redundancy.