Time To Innovate (TTI): Amazon Cloud Access Control and Bromium vSentry

Leave a reply

Listen to this post Listen to this post here:   Yesterday Amazon announced it is starting to provide AWS role based resource access control. This follows the previous announcements regarding other AWS services, being integrated into Amazon’s IAM framework:

AWS Elastic Beanstalk Supports IAM Roles

AWS Identity and Access Management (IAM) Adds Support for Variables in Access Control Policies

We can say one thing for sure about Amazon: Amazon is going through a constant continuous improvement cycle, complementing its cloud service portfolio. This surely is attractive for IT professionals looking for a restless innovative solution provider, understanding that in many cases, the active improvement process is much more important than the “static perfectness” state others try to reach.

On the other edge of the spectrum, take a look at the vSentry end-user threat protection solution from Bromium, and what’s interesting to me are their 2 core innovations:

Micro-Virtualization creating a transparent shield for any un-trusted application, which allows the user feel safe, and avoid irrelevant alerts, as the un-trusted application they use, can try and do harm, to find itself isolated, without any actual modification of user data. All the affects of the malware are cleaned up, as its virtual sandbox vanishes as soon as the application exits. That’s based on the Intel VT technology.

This also enables the second innovation – Task Introspection. Since applications can do anything they want, be it as malicious as they can, as they are getting virtual rather than actual access to the system’s resources, an attack can be recorded and reviewed, at will, saving forensics time and effort.

In this case as well, what’s important to note, is the rapid exploitation of the opportunity to innovate, using current tools (such as Intel VT). Sure, this solution is not perfect, and will be circumvented at some point, but it does offer a pain-killer type of remedy, which IT professionals are likely to quickly grab.

I believe there should be a new term for us to useTime To Innovate (TTI) – which is about measuring how much time it takes you to innovate, as soon as an opportunity is presented.

Are you rapidly innovating as well, or endlessly trying to perfect your solution?

Leave a Reply

Please log in using one of these methods to post your comment:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s