Welcome!

Microservices Expo Authors: Elizabeth White, Liz McMillan, Pat Romanski, Anders Wallgren, AppDynamics Blog

Related Topics: @CloudExpo, Microservices Expo, Open Source Cloud, Containers Expo Blog, Cloud Security, Government Cloud, @BigDataExpo

@CloudExpo: Blog Post

Open Source Cloud Offers Another Route to Better Security

Fearmongers miss the point on mobile security and more

By

Here are top cyber news and stories of the day.

  • Open source cloud offers another route to better security – “IBM’s move to OpenStack is another indication that open cloud offers many advantages when it comes to security.” There are currently over 5,000 IBM private consumers who will be switching to OpenStack in the near future. This will create a huge surge in the open-source cloud market at that time. Via Cloud Pro, more here.
  • Raytheon, Lockheed get U.S. secrets as cybersecurity go-betweens – Raytheon and Lockheed Martin signed on to the DHS Enhanced Cybersecurity Services program, which will provide them with threat signatures obtained by USG sources, free of charge. This will increase the ability of these firms to compete not only in the federal and defense space, but also on the corporate side, as they will have better threat intelligence than many of their competitors. Via Herald Net, more here.
  • In cyberwarfare, rules of engagement still hard to define – As we increase the offensive capabilities of our cyber warriors, we must step back and think, when will we use them, and how. Traditionally, our armed forces follow the “Law of Armed Conflict,” a set of international rules created to govern armed warfare while protecting non-combatants and enemy prisoners of war. But the cyber domain is different, attacks which may affect a key military objective might have incredibly unintended (and devastating) effects on civilian infrastructure. As the consequences of such attacks are unknown (and cannot be completely forecast) we have to take great care in defining our rules of engagement in the cyber domain. Via The Washington Post, more here.
  • White paper: NIST conducts proof of concept on trusted geolocation in the cloud – A group of NIST scientists working with Intel, VMWare and RSA Archer have created of proof of concept for trusted geolocation in the cloud. This allows managers to locate the exact hardware that is running their cloud services. This is possible using the Intel Trusted Execution Technology. Via FedScoop, more here.
  • Hackers target grocery store card readers – Hackers in Arizona are targeting a grocery chain’s card readers to steal identities. Over 100 victims have been identified in Arizona as targets of identity thieves who stole credit card numbers and made purchases on the east coast, as well as Indonesia and Spain. Via KVOA, more here.
  • DSB task force urges security mandates for DoD cloud computing – “Cloud computing adoption within the Defense Department will require establishment of clear security mandates, says a report from a Defense Science Board task force.” This report points to the DoD CIO and DISA chief using hypervisor attestation, hardware attestation for encryption keys and more. This report also recommends a standardized cloud SLA, and a central repository that documents the cloud transition. Via FierceGovernmentIT, more here.
  • DOD furloughs to begin April 26 – Furloughs for DoD civilians will begin April 26th, barring any major legislative changes. Via FedScoop, more here.
  • Fearmongers miss the point on mobile security – “everyone likes to trumpet the claim that mobile is insecure. Now that people are using their smartphones for work, enterprises are in trouble. The apps that people are using are going to let out all of the confidential data that everyone has been storing for decades…the dirty secret is that mobile has nothing to do with it.” This is an excellent post which investigates how manufacturers are using FUD to sell you on securing your mobile infrastructure, when the real problem is your conventional IT (and its implementation). The author, Brian Katz, makes the point that the real issue is not technology, but our culture of insecurity (and skirting security mandates for ease of use). Via CITE World, more here.

Read the original blog entry...

More Stories By Bob Gourley

Bob Gourley writes on enterprise IT. He is a founder and partner at Cognitio Corp and publsher of CTOvision.com

@MicroservicesExpo Stories
With an estimated 50 billion devices connected to the Internet by 2020, several industries will begin to expand their capabilities for retaining end point data at the edge to better utilize the range of data types and sheer volume of M2M data generated by the Internet of Things. In his session at @ThingsExpo, Don DeLoach, CEO and President of Infobright, will discuss the infrastructures businesses will need to implement to handle this explosion of data by providing specific use cases for filte...
SYS-CON Events announced today that Avere Systems, a leading provider of enterprise storage for the hybrid cloud, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Avere delivers a more modern architectural approach to storage that doesn’t require the overprovisioning of storage capacity to achieve performance, overspending on expensive storage media for inactive data or the overbuilding of data centers ...
SYS-CON Events announced today that Commvault, a global leader in enterprise data protection and information management, has been named “Bronze Sponsor” of SYS-CON's 18th International Cloud Expo, which will take place on June 7–9, 2016, at the Javits Center in New York City, NY, and the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Commvault is a leading provider of data protection and information management...
SYS-CON Events announced today that Alert Logic, Inc., the leading provider of Security-as-a-Service solutions for the cloud, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Alert Logic, Inc., provides Security-as-a-Service for on-premises, cloud, and hybrid infrastructures, delivering deep security insight and continuous protection for customers at a lower cost than traditional security solutions. Ful...
SYS-CON Events announced today that Interoute, owner-operator of one of Europe's largest networks and a global cloud services platform, has been named “Bronze Sponsor” of SYS-CON's 18th Cloud Expo, which will take place on June 7-9, 2015 at the Javits Center in New York, New York. Interoute is the owner-operator of one of Europe's largest networks and a global cloud services platform which encompasses 12 data centers, 14 virtual data centers and 31 colocation centers, with connections to 195 ad...
In most cases, it is convenient to have some human interaction with a web (micro-)service, no matter how small it is. A traditional approach would be to create an HTTP interface, where user requests will be dispatched and HTML/CSS pages must be served. This approach is indeed very traditional for a web site, but not really convenient for a web service, which is not intended to be good looking, 24x7 up and running and UX-optimized. Instead, talking to a web service in a chat-bot mode would be muc...
SYS-CON Events announced today that Men & Mice, the leading global provider of DNS, DHCP and IP address management overlay solutions, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. The Men & Mice Suite overlay solution is already known for its powerful application in heterogeneous operating environments, enabling enterprises to scale without fuss. Building on a solid range of diverse platform support,...
More and more companies are looking to microservices as an architectural pattern for breaking apart applications into more manageable pieces so that agile teams can deliver new features quicker and more effectively. What this pattern has done more than anything to date is spark organizational transformations, setting the foundation for future application development. In practice, however, there are a number of considerations to make that go beyond simply “build, ship, and run,” which changes ho...
WebSocket is effectively a persistent and fat pipe that is compatible with a standard web infrastructure; a "TCP for the Web." If you think of WebSocket in this light, there are other more hugely interesting applications of WebSocket than just simply sending data to a browser. In his session at 18th Cloud Expo, Frank Greco, Director of Technology for Kaazing Corporation, will compare other modern web connectivity methods such as HTTP/2, HTTP Streaming, Server-Sent Events and new W3C event APIs ...
SYS-CON Events announced today that AppNeta, the leader in performance insight for business-critical web applications, will exhibit and present at SYS-CON's @DevOpsSummit at Cloud Expo New York, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. AppNeta is the only application performance monitoring (APM) company to provide solutions for all applications – applications you develop internally, business-critical SaaS applications you use and the networks that deli...
Microservices are all the rage right now — and the industry is still learning, experimenting, and developing patterns, for successfully designing, deploying and managing Microservices in the real world. Are you considering jumping on the Microservices-wagon? Do Microservices make sense for your particular use case? What are some of the “gotchas” you should be aware of? This morning on #c9d9 we had experts from popular chat app Kik, SMB SaaS platform Yodle and hosted CI solution Semaphore sha...
Microservices are a type of software architecture where large applications are made up of small, self-contained units working together through APIs that are not dependent on a specific language. Each service has a limited scope, concentrates on a specific task and is highly independent. This setup allows IT managers and developers to build systems in a modular way. In his book, “Building Microservices,” Sam Newman said microservices are small, focused components built to do a single thing very w...
How is your DevOps transformation coming along? How do you measure Agility? Reliability? Efficiency? Quality? Success?! How do you optimize your processes? This morning on #c9d9 we talked about some of the metrics that matter for the different stakeholders throughout the software delivery pipeline. Our panelists shared their best practices.
The (re?)emergence of Microservices was especially prominent in this week’s news. What are they good for? do they make sense for your application? should you take the plunge? and what do Microservices mean for your DevOps and Continuous Delivery efforts? Continue reading for more on Microservices, containers, DevOps culture, and more top news from the past week. As always, stay tuned to all the news coming from@ElectricCloud on DevOps and Continuous Delivery throughout the week and retweet/favo...
The cloud promises new levels of agility and cost-savings for Big Data, data warehousing and analytics. But it’s challenging to understand all the options – from IaaS and PaaS to newer services like HaaS (Hadoop as a Service) and BDaaS (Big Data as a Service). In her session at @BigDataExpo at @ThingsExpo, Hannah Smalltree, a director at Cazena, will provide an educational overview of emerging “as-a-service” options for Big Data in the cloud. This is critical background for IT and data profes...
In a previous article, I demonstrated how to effectively and efficiently install the Dynatrace Application Monitoring solution using Ansible. In this post, I am going to explain how to achieve the same results using Chef with our official dynatrace cookbook available on GitHub and on the Chef Supermarket. In the following hands-on tutorial, we’ll also apply what we see as good practice on working with and extending our deployment automation blueprints to suit your needs.
Father business cycles and digital consumers are forcing enterprises to respond faster to customer needs and competitive demands. Successful integration of DevOps and Agile development will be key for business success in today’s digital economy. In his session at DevOps Summit, Pradeep Prabhu, Co-Founder & CEO of Cloudmunch, covered the critical practices that enterprises should consider to seamlessly integrate Agile and DevOps processes, barriers to implementing this in the enterprise, and pr...
If we look at slow, traditional IT and jump to the conclusion that just because we found its issues intractable before, that necessarily means we will again, then it’s time for a rethink. As a matter of fact, the world of IT has changed over the last ten years or so. We’ve been experiencing unprecedented innovation across the board – innovation in technology as well as in how people organize and accomplish tasks. Let’s take a look at three differences between today’s modern, digital context...
The principles behind DevOps are not new - for decades people have been automating system administration and decreasing the time to deploy apps and perform other management tasks. However, only recently did we see the tools and the will necessary to share the benefits and power of automation with a wider circle of people. In his session at DevOps Summit, Bernard Sanders, Chief Technology Officer at CloudBolt Software, explored the latest tools including Puppet, Chef, Docker, and CMPs needed to...
Sensors and effectors of IoT are solving problems in new ways, but small businesses have been slow to join the quantified world. They’ll need information from IoT using applications as varied as the businesses themselves. In his session at @ThingsExpo, Roger Meike, Distinguished Engineer, Director of Technology Innovation at Intuit, showed how IoT manufacturers can use open standards, public APIs and custom apps to enable the Quantified Small Business. He used a Raspberry Pi to connect sensors...