Amazon Web Services

Top Secret

Podcast: Uber Breach Puts Focus on Securing DevOps Secrets

Podcast: Play in new window | Download (Duration: 24:17 — 44.5MB)Subscribe: Android | Email | Google Podcasts | RSSThe hack of Uber and the loss of information on 57 million customers is just the latest security incident stemming from what our guest Elizabeth Lawler calls “DevOps secrets” – valuable credentials, APIs and other sensitive information that often end up exposed to the public as a result of lax continuous development operations. In this Spotlight Edition* of The Security Ledger Podcast, sponsored by CyberArk, we talk with Elizabeth about how to contain DevOps secrets and secure the secret super user lurking in modern organizations: highly privileged application code. 

IoT’s Cloud Risk on Display with Flaws in Fuze Collaboration Platform

In-brief: Rapid7 said it found a number of flaws that leaked data on users of collaboration technology by Fuze. In an increasingly common finding: poorly secured cloud resources, not the handsets, were the problem. 

Paul Roberts and Chenxi Wang - RSA Conference

Interview: Chenxi Wang on Information Security’s Mr. Robot Problem and Enforcing IoT Standards

In-brief: In an interview with Security Ledger Editor in Chief Paul Roberts, Chenxi Wang of the firm Twist Lock talks about information security’s “Mr. Robot” problem and the need for standards for the Internet of Things. 

Trump’s Not Crazy To Secure @POTUS with Gmail. Here’s Why.

In-brief: is having the Chief Executive’s Twitter account secured by a Google Gmail account really a security lapse? Not necessarily.

Microsoft Launches Security Program for Azure IoT

In-brief: Microsoft announced security focused services for IoT developers using its Azure managed cloud platform.