Hi all, Big Data is for sure one of the biggest trends of the last few years. Besides the conceptual discussions on what big data actually is and what amount of data can be defined as such, any technology that quickly becomes widespread is relevant to security as well. A bit of History When talking about…
In a previous post I explained how to create basic AWS Credentials with IAM.
In this post, I explain how to create Advanced AWS Credentials with IAM. As sample, I choose to use our solution Elastic Detector for Continuous Monitoring that required an advanced IAM user for enabling AWS connector.
Hi all, a few days ago Whatsapp announced that end-to-end encryption is finally available on iOS and Android (only if you have the latest version of Whatsapp installed). That’s great news! It’s worth pointing out it’s been a while that users have been asking for this feature, and other applications have been providing it with…
Hi all, if you know us (if you don’t, this is a perfect time to catch up), you should know that SecludIT is mostly committed on building a great and cuttind-edge vulnerability scanner. Today we want to put emphasis on something that is often underrated when talking about security: user awareness. Indeed, our vision is…
Hi there, recently, during the Black Hat USA 2015 event, some cyber security experts from Imperva unveiled a serious vulnerability that affected (it’s been fixed now) several major Cloud Storage services such as Google Drive and Dropbox. Also, they put in place a practical attack named “Man in the Cloud” (in French). The vulnerability and the corresponding attack…
Hi there, recently, data leaks and various security incidents have been constantly part of daily news and scandals. From an end-user point of view, it looks like storing confidential data in the cloud is a serious risk, especially when dealing with sensitive and strategic data. Why? Thanks to the confession of Edward Snowden, we now know for sure…
Hi there, today I want to share with you guys the results of my analysis on public Amazon’s buckets. In the context of my research activity on data security in the cloud and the security of Amazon EC2, I was inspired by the recent analysis performed by Rapid7. After looking at their study, I started…
Hi there, a couple of weeks ago I’ve attended CyberTech 2014, one of the most exciting industrial conferences for security experts. If you have read this blog before, you probably know that I’m pretty interested in encryption (see ClouDedup). That’s why my attention was first caught by the solutions proposed by Secure Islands and Vaultive.…
SecludIT has been selected for being one of the Innovating SMB Company during the “Forum International de la Cybercriminalité” in Lille. I personally had the chance to meet Jean-François Audenard which is Cyber Security Advisor at Orange. I really appreciated and had a lot of fun making a short video with him. Please take a…
As 2014 kicks off, we at SecludIT would like to wish you a fantastic start to 2014! Starting the year, we would like to share some great news on SecludIT being a Security Trailblazer Finalist. This is a new concept in awards, designed explicitly for startups exploring uncharted territories in various fields, including cloud security.…
In order to retrieve and list your assets (Instances, Security Groups) from your Amazon Web Services EC2 account through API, Elastic Detector need ReadOnly credentials. Here is how to create such credentials using Amazon Web Services Identity and Access Management (IAM). Step 0: Login to your Amazon Web Services account through AWS Console, and open…
Hi there, in my previous post I presented ClouDedup, our solution for deduplication over encrypted data. I’m now gonna talk about how ClouDedup can be successfully deployed in order to address a very common use case: Backup. Doing regular backups is a strongly recommended practice, even though it happens very often that people don’t know how important a…
Hi there, in this post I will have the pleasure to introduce our proposed solution for secure block-level deduplication. We presented this work at IEEE CloudCom 2013 (here you can find the slides). Before going into detail, let me explain what deduplication is all about and why we need it. It’s well known that the user…
Hi there, in the previous post on ZMap we gave an overview on this new tool for high speed Internet scanning. In this post we will go into detail by showing remarkable findings and results achieved thanks to ZMap. The first finding we will talk about concerns SSH and HTTPS keys. ZMap’s creators found out…
Hi there, we are proud to announce that PenTest Magazine published our article titled “Detecting attacks and threats in elastic cloud infrastructures: the case of side-channel attacks”. You can download it here after a free registration. In this article we investigated the issue of detecting attacks and threats in elastic cloud infrastructures and gave further…
Elastic Security 