14.1 C
London
Saturday, September 23, 2017
Home Tags AWS

Tag: AWS

Now is a good time to go check your own Amazon settings.
It's OK, we'll wait Yet another major company has burned itself by failing to properly secure its cloud storage instances. Yes, it's Verizon.…
Therersquo;s yet another cloud service from AWS: Amazon Lex, which lets developers build conversational interfaces into applications for voice and text.
It usesnbsp;the same deep learning technologies that power Amazon's Alexa voice assistant.Lex lets you quickly build natural language conversational bots, aka chatbots. Microsoft has a similar technology, called the Microsoft Bot Framework. This seems to be a common service that most public cloud providers are looking to provide, not to mention many third parties that offer chatbot technology as well.To read this article in full or to leave a comment, please click here
Passwords, server schematics and encryption keys up for grabs in open file store Updated  Media monster Viacom has been caught with its security trousers down. Researchers found a wide-open, public-facing misconfigured AWS S3 bucket containing pretty much everything a hacker would need to take down the company's IT systems.…
In this final segment of our ongoing series about right-sizing public cloud instances for optimal performance and cost efficiency, we are focusing on a common source of cloud overspending: deadwood.Idle or “zombierdquo; instances plague many public cloud environments, insidiously wasting your opex budget dollars.

This deadwood can occur without you even realizing it, and is often the result of hasty deployments or a lack of accountability in the cloud world.
Someone in the organization lights up an instance for a short-term use and then forgets to shut it down. Workloads change over time and no one goes back to eliminate the now idle instances.

The fact is, most organizations donrsquo;t have an effective process for managing cloud instances and identifying idle instances.

Given the complexity of invoicing from these providers and the lack of visibility into workload patterns, it is often hard to really know what is truly idle. Over time, the deadwood piles up.To read this article in full or to leave a comment, please click here
In previous blog posts wersquo;ve discussed the challenges organizations face in choosing the right cloud instances, and how understanding workload patterns is critical to right-sizing public cloud instances for optimal CPU and memory efficiency.
In this post, wersquo;ll look at a key aspect of instance selection that plays a critical role in optimizing AWS, Azure, and Google Cloud spend:   modernizing your instances.Modernizing public cloud instances is the act of moving from an existing type of instance to a newer version of that offering. Newer instance types are often hosted on newer hardware, which typically offer higher performance and better processing power. Just like on-prem virtual environments, more powerful hardware enables you to get more bang for your cloud resource buck. Our experience has shown that when you both modernize and right-size your instances, cost savings average 41% — approximately double the savings that right-sizing alone delivers.To read this article in full or to leave a comment, please click here
In the first blog in this series, we looked at why itrsquo;s so important to look at an applicationrsquo;s workload patterns when sizing for any public cloud, including AWS, Microsoft Azure, Google Cloud Platform, and others.
In this post, wersquo;ll look at another common pitfall that we call the cloud instance “bump-up loop.”Herersquo;s how it works. You use a reporting tool that says your application workload is running at nearly 100% utilization for 3 hours overnight (see figure below). DensifyThe tool is designed to interpret high utilization as bad, and concludes that the workload is under-provisioned.
So, it recommends bumping up the CPU resources, and in doing so increases your costs.

But a funny thing happens: despite the change, the next day the workload still runs at 100%, just for a shorter period of time. Once again, tool says to throw more resources at it.

The next day you see the workload still runs at 100%, but again for a shorter period of time.

And so on. Now yoursquo;re stuck in the endless capacity bump-up loop.To read this article in full or to leave a comment, please click here
Sigh.

Admins of free AWS instances just didn't tick the right boxes. Lazily-configured software has again created a security incident, this time resulting in 4,000 instances of open source analytics and search tool Elasticsearch inadvertently running PoS-stealing malware.…
US cable giant the latest victim of S3 cloud security brain-fart Records of roughly four million Time Warner Cable customers in the US were exposed to the public internet after a contractor failed to properly secure an Amazon cloud database.…
600 gigabytes of information, including SQL database dumps, code, access logs, and customer information, belonging to BroadSoft and its client, TWC, was left online, accessible to anyone.
Thousands of resumes and job applications from U.S. military veterans, law enforcement, and others were leaked by a recruiting vendor in an unsecured AWS S3 bucket.
There are a few people who are truly savvy about cloud computing, but most are just posers.Here is a quick test to see if yoursquo;ve got the right stuff.[ What is cloud computing? Everything you need to know now. | Also: InfoWorldrsquo;s David Linthicum explains how to move into a cloud career from traditional IT. ]Do you understand that serverless does not actually mean it is serverless? If yes, give yourself 10 points. Do you believe “cloud formationrdquo; is actually a formation of rain clouds? If yes, take away 5 points. Do you believe “cloud governancerdquo; means Amazon Web Services is obeying the law? If yes, take away 5 points. Do you think that “identity managementrdquo; is inside your wallet or purse? If yes, take away 5 points. Do you know that Kubernetes is a container-orchestration tool, and not a new Eastern religion? If yes, give yourself 15 points. Do you think cloudops is the opposite of cloud computing? If yes, take away 5 points. Can you can name 20 AWS services, and include 10 APIs for those services? If yes, give yourself 20 points. Have yoursquo;ve used the term “cloudrdquo; more than 100 times today? If yes, take away 10 points. So, whatrsquo;s your score?To read this article in full or to leave a comment, please click here
The news of the week is discussed, including the AWS S3 leaks, Zerodium's bounty on messaging app zero days, Ropemaker, and cobot vulnerabilities.