Cloud Security

Learn about cloud threats, the latest cloud security technologies, and the leading approaches for protecting data in cloud services.

Enterprise Cloud Security

McAfee Demos Ease of Exploiting Recent Apache Struts Vulnerability

This post was written by Brook Schoenfield and the Advanced Threat Research Team. A series of exploitable conditions have been uncovered in Apache Struts. One of these, CVE-2017-9805, allows unauthenticated execution of attacker code (aka remote code execution). This issue has already been weaponized into attack kits such as Metasploit ...

Enterprise Cloud Security

Network Security in the Amazon Web Services Cloud – It’s Your Responsibility! Part 2.

In the first of this short 2-part series, we covered the basis of why you need to implement security in the AWS cloud, known as the “Shared Responsibility Model”. Advanced attacks, management efficiency across on-premises and cloud environments, and even uncovering Shadow IT, are all challenges you may face moving ...

Enterprise Cloud Security

Network Security in the Amazon Web Services Cloud – It’s Your Responsibility!

There is a presiding notion that because established cloud providers such as Amazon deliver enterprise-class infrastructure, security is “taken care of.” When you set up your workloads in AWS, you hopefully configure available settings like access control and firewall port restrictions. That’s all good, and necessary! But outside of the ...

Cloud Security

21 AWS Security Groups Best Practices

What is AWS Security Groups? In AWS, security groups act as a virtual firewall that regulates inbound/outbound traffic for service instances. Unlike traditional firewalls, however, security groups only allow you to create permissive rules. Users are not provided the ability to deny traffic. This means that if no rules are ...

Cloud Security

McAfee MOVE AntiVirus Multiplatform Deployment Just Got a Lot Easier

This blog post was written by Teresa Wingfield. McAfee Management for Optimized Virtual Environments AntiVirus (McAfee MOVE AntiVirus) optimizes security for virtual desktops and servers. Version 4.6 became available on July 18, 2017. One of the major enhancements offered by this release is dramatic simplification of the multiplatform deployment process. ...

Enterprise Cloud Security

McAfee Public Cloud Server Security Suite Paid AMI Now on AWS Marketplace

This blog post was written by Teresa Wingfield. A new Paid Amazon Machine Image (AMI) for McAfee Public Cloud Server Security Suite (McAfee PCS) is now available on an hourly basis on the Amazon Web Services (AWS) Marketplace. The Paid AMI is a flexible option for protecting AWS workloads since ...

Cloud Security

SDDC 101: The Why, the What, and the How

This blog post was written by Raja Patel. The Software Defined Data Center (SDDC) has fundamentally changed how IT delivers infrastructure and services. SDDC rethinks traditional ways of using virtualized resources by adding virtual networks (SDN) and virtualized storage (SDS) to virtual compute as a better way to build data ...

Cloud Security

AWS Shared Responsibility Model for Security and Compliance

What is AWS Shared Responsibility? As enterprises look to achieve greater operational efficiency and gain a competitive advantage, they are increasingly turning to cloud service providers like Amazon Web Services to offload their IT infrastructure and computing needs. The advantages afforded by divesting their datacenters in favor of moving to AWS are ...

Cloud Security Executive Perspectives

CIOs: You need to have the cloud talk with your staff

CIOs, it is time to have a frank and open discussion with your staff. This conversation may be difficult or awkward, as it involves topics such as consent, privacy, and appropriate protection. Yes, you need to speak with your staff about the organization’s cloud strategy, and any deployment or security ...

Cloud Security

Cloud Access Security Broker (CASB) Deployment Modes Best Practices

Many customers that deploy Cloud Access Security Broker (CASB) solutions to secure their shadow, sanctioned and custom IaaS apps very quickly realize that they need to navigate through different deployment options to secure their users and data across mobile, desktop, remote and on-prem users. Gartner recommends that customers consider a multi-mode deployment (aka ...

Subscribe to McAfee Securing Tomorrow Blogs