Channels ▼
RSS

Design

Survey: Cloud Hacking Is On a 'Vast' Scale



Security company Fortify Software used this summer's DEF CON 2010 conference to survey 100 professional hackers on the state of cloud security. An overwhelming 96 percent of those surveyed believe that cloud vendors as being generally negligent when it comes to addressing the security issues affecting their services.

Breaking down the survey responses, 21 percent believe that Software-as-a-Service (SaaS) cloud systems are viewed as being the most vulnerable, with 33 percent of the hackers having discovered public DNS vulnerabilities, followed by log files (16 percent) and communication profiles (12 percent) in their cloud travels.

DEF CON has evolved considerably since the first event was held back in 1993. Today this "hacker festival" attracts up to 8,500 of the world's top professional hackers and IT security researchers. "Anecdotal evidence suggests this year's Las Vegas event was even more successful, meaning that our survey results highlight the very real security challenges that lie ahead for cloud vendors and security defense professionals," said Barmak Meftah, chief products officer with Fortify Software.

"More than anything, this research confirms our ongoing observations that cloud vendors -- as well as the IT software industry as a whole -- need to redouble their governance and security assurance strategies when developing solutions, whether cloud-based or not, as all IT systems will eventually have to support a cloud resource," he added.


Related Reading


More Insights






Currently we allow the following HTML tags in comments:

Single tags

These tags can be used alone and don't need an ending tag.

<br> Defines a single line break

<hr> Defines a horizontal line

Matching tags

These require an ending tag - e.g. <i>italic text</i>

<a> Defines an anchor

<b> Defines bold text

<big> Defines big text

<blockquote> Defines a long quotation

<caption> Defines a table caption

<cite> Defines a citation

<code> Defines computer code text

<em> Defines emphasized text

<fieldset> Defines a border around elements in a form

<h1> This is heading 1

<h2> This is heading 2

<h3> This is heading 3

<h4> This is heading 4

<h5> This is heading 5

<h6> This is heading 6

<i> Defines italic text

<p> Defines a paragraph

<pre> Defines preformatted text

<q> Defines a short quotation

<samp> Defines sample computer code text

<small> Defines small text

<span> Defines a section in a document

<s> Defines strikethrough text

<strike> Defines strikethrough text

<strong> Defines strong text

<sub> Defines subscripted text

<sup> Defines superscripted text

<u> Defines underlined text

Dr. Dobb's encourages readers to engage in spirited, healthy debate, including taking us to task. However, Dr. Dobb's moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing or spam. Dr. Dobb's further reserves the right to disable the profile of any commenter participating in said activities.

 
Disqus Tips To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy.
 

Video