Protect Your PaaS with PSAD Network Security Monitoring

My favorite solution for monitoring outbound port issues is PSAD. PSAD was created by Michael Rash of Cipherdyne.org. It performs pattern matching off of IPTable’s rules to determine what is going on in your instance. It even incorporates some Snort signatures. It is light weight and highly effective.

We’ve had it in production for a short time and it has paid dividends! It’s allowed me to see many issues before they became a real system issue, or before receiving a notice from our IaaS provider. This has also allowed me to work with users to improve their applications. In this post I’ll tell you a little bit about how we use it.

Read More...

Team Effort Tackles the Heartbleed Bug

You may have heard of the Heartbleed Bug yesterday. This was one of those bugs you fear ever getting. It allowed for remote users to capture your private ssl key and was introduced through the common OpenSSL package. Once the RHEL team completed their tests and RPMs were signed with the official RHEL key, our operations team deployed the official RPMs to production immediately, knowing that they had already passed all of the tests in our development environment combined with the RHELteam’s testing processes.

Read More...

Red Hat’s OpenShift and SCAP – PaaS Security At Its Best

I wanted to give a little insight as to the type of security automation that happens in the background of OpenShift. As a provider, it’s always a little scary to talk about what is behind the scenes or isn’t. I have blogged in the past about OpenShift’s use of cgroups, poly-instantiation and SElinux. There are […]

Read More...

Getting Started with OpenShift Origin Security in the Cloud

If you have tested Red Hat’s OpenShift Origin, you have experienced the value and endless possibilities this PaaS will bring to a large enterprise being deployed on site. For the last year, I have been developing security for this great new application platform. To save you a few headaches, and help your understanding of this […]

Read More...

Data in the Cloud – It’s an Opportunity not a Problem

A few weeks ago I watched a show called “The Communicators”, on C-SPAN television.  The title of the show was “The Future of Cloud Computing, Cyber Security and Cloud Computing”, which originally aired on October 11, 2011. One of the guests was California Congressman Dan Lungren, Chairman of the Homeland Security Subcommittee on Cyber Security, […]

Read More...