Cloud Switch…
5 Things to Do Before Moving to the Cloud
In this post, Ellen Rubin offers 5 steps that can help guide the thought process when considering a cloud deployment. She recommends that before moving an enterprise application to the cloud, you need to be sure that your expectations are realistic and your objectives match what the cloud can deliver. Here are the 5 things she suggests doing before moving to the cloud: determine your cloud objectives, pick an application that makes sense, involve the CSO/risk management team from the beginning, decide which cloud(s) are acceptable and create a sandbox where people can experiment. This article ties back to our series on Top Security Perils When Moving an Application to the Cloud— when you do move to the cloud, make sure you protect your applications with a dWAF.
Help Net Security…
Top 10 Application Security Trends
This article discusses The Denim Group’s list of the top application security trends for 2010. Some trends they list include Web mashup applications will result in new attack vectors, new data breaches will force organizations to focus on internal applications as well as external, organizations will finally start asking, “How are we going to fix these vulnerabilities?” They also predict organizations will move beyond scan-only approaches to application security, the application security market will continue consolidating, organizations deploying web application firewalls will increasingly use them for virtual patching and application security metrics will provide a foundation for decision-making.
Enterprise Systems…
Q&A: Understanding Private vs. Public Clouds
In this article, Linda Briggs, speaks with Kenneth Ziegler, president and COO of a managed services firm that offers private cloud computing. He explains the differences between public and private cloud computing and what each is best suited for. Kenneth describes the public cloud as typically being used for processing power or shared storage delivered to a client on a “pay-by-the-sip” basis (often dollars per CPU hour or dollars per GB of storage). While hosted private clouds include “shared-nothing” architectures, which are custom designed for enterprise clients who have specific performance, compliance, and scalability requirements. It is delivered in “pay-by-the-glass” increments, requiring a minimum high-availability configuration, with clients adding their own virtual machines as they grow, all fully managed by the service provider. Check out the rest of the article for Kenneth’s list of advantages to cloud computing as well as what users should be aware of.
Hyperguarding your Web Applications 