Infrastructure-as-code templates are source of cloud infrastructure weaknesses

TechCentral.ie | February 06, 2020

Infrastructure-as-code templates are source of cloud infrastructure weaknesses
In the age of cloud computing where infrastructure needs to be extended or deployed rapidly to meet ever-changing organisational needs, the configuration of new servers and nodes is completely automated. This is done using machine-readable definition files, or templates, as part of a process known as infrastructure as code (IaC) or continuous configuration automation (CCA). A new analysis by researchers from Palo Alto Networks of IaC templates collected from GitHub repositories and other places identified almost 200,000 such files that contained insecure configuration options. Using those templates can lead to serious vulnerabilities that put IaC-deployed cloud infrastructure and the data it holds at risk. “Just as when you forget to lock your car or leave a window open, an attacker can use these misconfigurations to weave around defences,” the researchers said. “This high number explains why, in a previous report, we found that 65% of cloud incidents were due to customer misconfigurations. Without secure IaC templates from the start, cloud environments are ripe for attack.”

Spotlight

Uptime Infrastructure Monitor is an enterprise tool that provides a unified view for IT-systems monitoring. Through proactive, comprehensive and integrated monitoring and reporting, Uptime Infrastructure Monitor gives complete visibility and control over the availability, performance and capacity of your IT environment, from applications, to servers and virtual machines, to network devices.

Related News

Nutanix Announced the availability of Nutanix Clusters on AWS

Business Wire | August 12, 2020

Nutanix (NASDAQ: NTNX), a leader in enterprise cloud computing, today announced general availability of Nutanix Clusters on AWS, extending the flexibility and ease of use of the company’s hyperconverged infrastructure (HCI) software, along with all Nutanix products and services, to bare metal Amazon Elastic Compute Cloud (Amazon EC2) instances on Amazon Web Services (AWS). With this announcement, Nutanix delivers hybrid cloud infrastructure one that allows businesses to accelerate their digital initiatives and optimize spending, priorities further amplified in the age of COVID. Nutanix offers a single stack that integrates compute and storage, provides unified operations across private and public clouds, integrated networking with AWS, and license portability from private to public clouds, thus addressing key technical and operational challenges of the hybrid cloud era.

Read More

APPLICATION INFRASTRUCTURE

Evenstar Distributed Unit Launched by Silicom to Help OpenRAN Adoption

Silicom | March 08, 2021

Silicom Ltd. a main supplier of systems administration and information framework arrangements, today reported the dispatch of its O-RAN agreeable, Evenstar Distributed Unit (DU) in a joint effort with Facebook Connectivity and other Evenstar accomplices. The Evenstar DU tends to the developing portable administrator interest for best-in-breed, unbundled DUs that meet 3GPP and O-RAN determinations to encourage the carry out of OpenRAN 4G and 5G organizations. "We are delighted to be selected by the Evenstar program to introduce our unique DU to a market awaiting OpenRAN-compliant solutions," commented Shaike Orbach, Silicom's CEO. "Through this collaboration, we will provide operators with groundbreaking functionality that takes their network flexibility and performance to a new level – such as advanced offloads and time synchronization - at highly competitive price points." Dispatched a year ago as a team with various industry players, the Evenstar program means to speed up the reception of OpenRAN arrangements by contributing RAN reference engineering to the Telecom Infra Project's OpenRAN Project Group. The idea driving OpenRAN is to empower administrators to decouple key organization segments, including RUs (Radio Units), DUs (Distribution Units) and CUs (Central Units), empowering most awesome aspect breed parts from different sellers to be joined into networks for prevalent execution. This methodology is key for driving advancement and decreasing organization costs. "We are excited to collaborate with Silicom and other ecosystem partners to build Evenstar components for 4G and 5G networks," commented Jaydeep Ranade, Director of Wireless Engineering for Facebook Connectivity. "A healthy ecosystem of OpenRAN vendors plays a huge role in accelerating the deployment of simplified, flexible and efficient RAN technologies."

Read More

Qualcomm Introduces New 5G Infrastructure Platforms to Drive Cellular Ecosystem Transition to vRAN and Interoperable Networks

newswiretoday | October 20, 2020

Qualcomm Technologies, Inc. today announced a full portfolio of 5G infrastructure semiconductor platforms designed for broad deployment scenarios, ranging from macro base stations with massive MIMO to micro base stations with compact designs, to accelerate the cellular ecosystem transition toward virtualized and interoperable radio access networks (RAN) a trend driven by 5G. Qualcomm Technologies is introducing three new 5G RAN platform offerings: Qualcomm® Radio Unit Platform, Qualcomm® Distributed Unit Platform, and Qualcomm® Distributed Radio Unit Platform. The new platforms are the world’s first-announced solutions purposely-designed from the ground up to support leading mobile operators in the deployment of a new generation of converged, open and virtualized RAN (vRAN) networks. These platforms are designed to enable infrastructure OEMs to transform public and private wireless networks into a platform for innovation and deliver on the full potential of 5G.

Read More

Spotlight

Uptime Infrastructure Monitor is an enterprise tool that provides a unified view for IT-systems monitoring. Through proactive, comprehensive and integrated monitoring and reporting, Uptime Infrastructure Monitor gives complete visibility and control over the availability, performance and capacity of your IT environment, from applications, to servers and virtual machines, to network devices.