Tag: cloudsecurity

A post about how we performed an analysis of the Kafka connectors in use for a customer to detect if they were vulnerable to the recently discovered Log4j vulnerability - CVE-2021-44228 and CVE-2021-45046.

A list containing links to the advisories and security announcements published by various Cloud platforms and SaaS providers regarding CVE-2021-44228, the Log4j Remote Unauthenticated Code Execution vulnerability.

A guide to help you discover vulnerable Log4j packages across multiple Linux machines using scripting and the AWS SSM to run commands remotely.

To ensure absolute security, Google has offered its users tools to help them protect their cloud-based resources. Here are a few tools in the Google security network that your business can leverage to ensure consistent security in your cloud accounts.

The Google cloud security network offers a shared responsibility model for cloud security with its users. While Google ensures that all the infrastructure is secure, the users of GCP are expected to secure their workload, data, and other resources on the cloud. While Google Cloud offers its users the tools to secure their cloud resources, attackers often find their way into your cloud resources due to misconfigurations during development.

EC2 misconfigurations leave your cloud accounts vulnerable to attacks. For businesses that haven't started automating cloud security yet, here is a list of things you can do manually, to begin with.