
Chronicle enhances security ops in Google Cloud
Updates related to Google Security Command Center, Amazon Inspector, Google Secure Web Proxy, Amazon Verified Permissions, AWS Lambda
Security
Chronicle enhances security ops in Google Cloud
- Chronicle Security Operations integrates with Security Command Center Premium, Google Cloud telemetry.
- Offers turnkey threat detection, investigation, response (TDIR) through data collection and analysis.
- Detect threats with high-fidelity alerts, investigate with visualized storylines, automate responses.
- Simplifies data ingestion from various Google Cloud services, normalizes, contextualizes cloud telemetry.
Google Cloud adds attack path simulation
- Security Command Center now includes attack path simulation, analyzing vulnerabilities in Google Cloud environments.
- The feature uses near-real-time data to create high-risk attack paths without manual queries.
- The service is fully automated and provides remediation advice based on findings.
- An attack exposure score helps prioritize remediation, improving risk posture.
Security Command Center Premium bolsters identity protection
- Google Cloud’s Security Command Center Premium enhances detection of compromised identities.
- New detectors include excessive failed attempts, anomalous service account impersonation, and dormant service account activity.
- Offers insights into risky IAM policy changes and behavior by principals.
Amazon S3 Introduces Dual-Layer Server-Side Encryption
- Amazon S3 now offers dual-layer server-side encryption with keys stored in AWS Key Management Service (DSSE-KMS).
- Compliant with National Security Agency CNSSP 15 for FIPS and Data-at-Rest Capability Package Version 5.0.
- Supports querying and analyzing dual-encrypted data with AWS services like Athena and SageMaker.
Amazon Inspector Adds Software Bill of Materials Export
- Amazon Inspector now offers Software Bill of Materials (SBOM) export in CycloneDX and SPDX formats.
- Allows automated and centrally managed visibility into software supply chain and vulnerabilities.
- Available at no additional cost across all commercial regions where Amazon Inspector is available.
Amazon Inspector Supports Lambda Function Code Scans
- Amazon Inspector expands to scan custom application code in Lambda functions.
- Identifies vulnerabilities like injection flaws, data leaks, and weak cryptography.
- Generates detailed, actionable security findings routed to AWS Security Hub and Amazon EventBridge.
Secure Web Proxy enhances cloud security
General availability of Secure Web Proxy, a cloud-first network security offering that enables web egress traffic inspection, protection, and control for Zero Trust networking.
Google Cloud Firewall adds threat intelligence features
Introduces threat intelligence and geo-location capabilities, allowing curated threat lists and granular control based on geographic locations for enhanced cloud workload security.
Google Cloud submits OSCAL package
Google Cloud submitted an OSCAL package for DoD Impact Level 5; OSCAL is a machine-readable language for security control assessments developed by NIST.
Preview of Amazon CodeGuru Security
Uses machine learning for static application security testing, identifying vulnerabilities, in-context code patches.
Amazon Verified Permissions now GA
Fine-grained authorization, permissions management, high availability, scalability, integration with AWS CloudTrail.
AWS Security Hub adds automation rules
Automatically update, suppress findings, update severity, add notes, custom or template-based rules.
AWS Control Tower adds Security Hub controls
Adds 10 detective controls targeting various services, supports over 170 detective controls, proactive, preventive controls.
Provisioning + Runtime
Azure VMware Solution now supports stretched clusters
- Stretched clusters for Azure VMware Solution provide 99.99% uptime.
- Supports Customer-Managed Keys for vSAN encryption.
- Ensures high availability for critical applications with a zero recovery point objective.
- Resilient to AZ failures, integrated with Azure Key Vault.
Azure Front Door Migration to Standard/Premium Now Available
- Azure Front Door Standard and Premium tiers, catering to dynamic/static content delivery and security, were made generally available in March 2022.
- Migration from Azure Front Door (classic) to Standard or Premium is now possible with zero downtime.
- Migration takes a few minutes and involves three to five steps depending on configurations.
Azure Cache for Redis triggers Azure Functions
Trigger Azure Functions with Azure Cache for Redis on data types, keyspace notifications, write-behind/write-through cache support.
Azure HX VMs for HPC now GA
HX-series VMs optimized for large memory HPC workloads; up to 176 AMD EPYC 9004-series CPU cores, 1.4TB RAM, 400Gb/s NDR InfiniBand.
Azure Virtual Desktop gets insights upgrade
Now includes Azure Monitor Agent; collects data from session hosts for native monitoring, introduces configuration workbook experience.
AWS Elastic Disaster Recovery updates
Replicates, recovers AWS network components, configurations, supports Trusted accounts, continuous data replication.
Observability
Azure PostgreSQL gets performance insights
Detailed insights into query performance, optimization for slow-running queries, user-friendly interface.
Azure Monitor Alert resources now visible
Alert resources in Azure portal, searchable, listed within subscriptions, resource groups, standard resource pane view.
AI/ML
Vertex AI general availability for generative AI support
- Generative AI support in Vertex AI is now generally available, offering enhanced capabilities for building custom AI apps.
- Access Google's text model powered by PaLM 2, Embeddings API for text, and more.
- Tools available for model tuning, deployment, backed by enterprise-grade data governance, security, and safety.
App Building
Redis Extension for Azure Functions in Public Preview
- Redis extension for Azure Functions is in public preview.
- Enables Redis to trigger serverless workflows, beneficial for write-behind cache and event-based architectures.
- Compatible with various Redis data types and notifications.
NPW Insights this week
- New York Life modernizes with cloud, cybersecurity
- Effective Test Automation Approaches for Modern CI/CD Pipelines
- ChatGPT bot streamlines code reviews