- Patching is best to address Shellshock/Bash bug, but blocking attacks before they get to vulnerable machines is quicker. These outside defenses can include new rules for Web application firewalls and network intrusion devices that would pick up on attack signatures, says Jeff Schilling, CSO of secure cloud provider Firehost and the former head of the U.S. Army Security Operations Center.
- Essentially, rather than selling raw infrastructure services, FireHost is laying a compliance offering on top of that infrastructure – customers can purchase a PCI or HIPAA focused CaaS offering that should help them with their auditing and reporting requirements.
- Cloud technology is used by more than 300 million people worldwide, but the problem may lie in weak password systems that can be easily compromised. "In some cases those security controls are not in place and allows them, to throw as many as 500 passwords at an account until it accepts one," Jeff Schilling of cloud service provider Firehost told CBS News correspondent Carter Evans.
- Why FireHost