lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Fri, 1 Apr 2011 15:43:36 +0100
From: Context IS - Disclosure <disclosure@...textis.co.uk>
To: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>
Subject: Whitepaper: Assessing Cloud Node Security

Context Information Security have released a whitepaper on Assessing Cloud Node Security.

Synopsis:
Some major Cloud providers currently expose their clients’ data to the risk of compromise as a result of serious flaws in the implementation of their technologies. This is the key finding of a major new survey of the security of Cloud nodes completed by Context Information Security.

The growing trend in migrating systems to use Cloud infrastructure to take advantage of the cost savings and flexibility that this form of IT provision can offer has caused concern within the security community, because this virtual and dynamic environment creates a new threat landscape.

This whitepaper is the result of research undertaken by Context into the technical risks associated with Cloud computing infrastructure nodes. Context rented a range of Cloud nodes currently offered by the major providers and performed a review of their security, including the limitations imposed by providers on the types of technical security testing allowed to be performed.

The methodology, results, challenges and recommended mitigations are detailed in this whitepaper, which sets out best practices for securing Cloud nodes as an end user and will help end users to assess and reduce any associated risk to their systems. Information about the general security issues discovered in actual Cloud nodes has also been fed back to the providers to enable them to resolve these issues. 

Read the whitepaper in full at:
http://www.contextis.co.uk/resources/white-papers/assessing-cloud-node-security/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ