How to detect side-channel attacks in cloud infrastructures

Cloud Computing is a disruptive technology which brought enormous benefits. However, even if the benefits are countless, there are several security challenges, such as elasticity and multi-tenancy, which require an innovative approach. Indeed, traditional security tools are not suitable for Cloud Computing, since infrastructures can be very dynamic. Therefore, automation is the only answer to…

Elastic Vulnerability Assessment (EVA) Credentials for AWS EC2 and VPC

One of the major obstacles to Elastic Detector adoption is the step where infrastructure API credentials are asked. Security guys do not easily give their keys to strangers. We fully understand that, so we have proposed two solutions: Virtual appliance, such as an AMI on the AWS marketplace. We provide VMware (vmdk) and KVM versions…

vSphere 5 Hardening Guide

Vmware has just released a great guide: the official hardening guide for vSphere 5.  The terminology has changed and if you are used to the version 4.1, there is a nice companion document to help you compare. The security of the virtualization layer is fundamental for the security of the cloud infrastructures. This is acknowledged…

Launch of HP Cloud with OpenStack

We’ve been busy lately with the second version of Elastic Detector, that supports Amazon EC2, Terremark’s vCloud Express and Eucalyptus. Today we’re thrilled to announce support of another leading cloud infrastructure: HP Cloud. Please find the complete announcement here. We are strong believers in OpenStack and we have participated to the private beta of HP…