Trend Cloud Security Blog – Cloud Computing Experts

What is Cloudbursting?

Posted by Bharath Chandrasekhar in Cloud, Cloud-based Security, cloudbursting, DataCenter, hybrid-cloud, private cloud, public cloud, Securing the Cloud, Security, Threats from the Cloud, Uncategorized, Virtualization Mar 15th, 2011 | 8 Comments
Do you know what cloudbursting is? It is a concept where when you run out of your computing resources in your internal data center, you “burst” the additional workload to an external cloud on an on-demand basis. The internal computing resource is the “Private Cloud” and the external cloud is typically a “public cloud” for which the organization gets charged on a pay-per-use basis. When your deployment has the ability to do “cloudbursting” or spreading the load to the public cloud, you essentially have a Hybrid Cloud. Hybrid Clouds can deliver a bit... read more

OpenPaas and CloudBees: Java in the Cloud

Posted by Bharath Chandrasekhar in Cloud, IaaS, PaaS, SaaS, Secure Data Centers, Securing the Cloud, Virtualization Feb 28th, 2011 | 1 Comment
One of the delivery models of Cloud Computing is Platform-as-a-Service. In its true definition, a PaaS provider takes care of the underlying infrastructure including the VMs, OS patches, elasticity, auto-scaling, firewalling, etc and provides an API — and a language runtime — to which the programmer should write the code. The users of PaaS have no control over the underlying infrastructure, i.e. there is nothing “open” about it. The most prominent PaaS offerings are Force.com from Salesforce (Apex), Google App Engine (Python and Java), and Microsoft Azure (.NET). It is obvious... read more

Good Clouds, Evil Clouds: Why Microsoft Hasn’t Lost Yet in Cloud Computing

Posted by Dave Asprey in Cloud, Cloud-based Security, Cyber crime, IaaS, Malware, PaaS, SaaS, Secure Data Centers, Securing the Cloud, Security, Smart Protection Network, Threats, Threats from the Cloud Feb 6th, 2011 | 6 Comments
In a recent eWeek interview, Citrix CTO Simon Crosby described Conficker malware as “the world’s largest cloud.” He’s right. Cybercriminals use Conficker to create massive clouds of remotely-controlled PCs capable of carrying out a variety of cyber-attacks, including DDoS (Distributed Denial of Service) attacks on a scale larger than any centralized cloud provider could. We tend to think about data center-based clouds with names like Infrastructure-as-a-Service or Software-as-a-Service, but the future of really big clouds looks more like Conficker’s very powerful networks of distributed... read more

London Bridge is Falling Down

Posted by Justin Foster in Cloud, Cloud-based Security, IaaS, PaaS, SaaS, Virtualization Jan 11th, 2011 | Comments Off
Drawing of London Bridge from a 1682 map.  Image courtesy of Wikipedia. Everyone is familiar with the traditional nursery rhyme, “London Bridge is Falling Down.” However, few know that it traces its roots back to a factual wonder of the medieval world. In 1209 a massive stone bridge was opened over the river Thames. Quite different than the modern London Bridge we know today, this colossal structure was an engineering marvel of its day and included a chapel at the apex of the bridge. It didn’t take long for people to realize the potential of this new prime real estate and by the late 1200’s... read more

Why Identity Matters More in the Cloud Than the Enterprise

Posted by Dave Asprey in Cloud-based Security, Privacy, Compliance and Identity, Secure Data Centers, Securing the Cloud, Threats from the Cloud Dec 6th, 2010 | Comments Off
The cloud is putting so much pressure on the old device-centric security model that it’s forcing a change to an identity-centric security model, where it matters far more who a person is than what device or network they are using. In a single day, one person might access cloud applications from his iPhone, home, main office, and Peet’s Coffee, and he may use his home PC, his work laptop, his phone, or even his Xbox. Trying to identify and secure what that person does based only on a device IP address or network address is simply a lost cause. But it gets worse because the same person may... read more

DDoS and the Cloud: Sad but True

Posted by admin in Cloud-based Security, Threats from the Cloud Oct 9th, 2009 | Comments Off
Amazon EC2 customers recently suffered from a concerted Distributed Denial of Service (DDoS) attack that caused some consternation for the web-based code hosting service Bitbucket (news courtesy of my favorite IT tabloid, The Register).  An unfortunate fact of life about the massive DDoS such as Bitbucket appears to have suffered is that there is no defense once the incoming network pipes are full other than shutting off the DDoS.  Trend Micro has to wrestle with DDoS attacks as part of our antivirus business as well as our hosted security business (shameless sales plug: check out InterScan Hosted... read more

Is “trust us” good enough for private data in the public cloud?

Posted by Andy Dancer in Uncategorized Oct 6th, 2009 | Comments Off
Every day brings more headlines about social networking, cloud computing and Software as a Service (SaaS).  Each of these fast growth areas shares an important element in common – they rely on a movement of data from private computers into the public cloud.  The theory goes that this data is protected by the service provider who is an expert in their field.  But in very few cases is that field data security, and there are important implications that should be considered. Security Researches call for Google and others to use SSL to protect all of the interactions with their services.  I agree... read more