Dome9 Security Blog

Welcome to the Dome9 Security Blog

Follow us to Get the Latest on Dome9 and Cloud Security

  • New ‘Region Lock’ Feature Locks The Stable Door Before The Horse Is Stolen

    August 24, 2015

    Screen Shot 2015-08-24 at 10.48.09 AM

    Dome9 has always been your born-in-the-cloud solution for designing and enforcing a rock solid security policy that can keep up with the pace of change associated with the public cloud. We are now happy to showcase Dome9 Region Lock, a new feature that continues our commitment to ensuring that our customers are in complete control ...

  • The New and Improved Dome9 SecOps Alerts

    August 19, 2015

    Screen Shot 2015-08-24 at 10.31.12 AM

    If you are a Dome9 SecOps customer, you might have noticed that the alerting system within the product has undergone some significant changes recently. We’ve made alerts more meaningful with the introduction of additional data including location, tags, severity, and more. The result is smarter, more context aware alerts and heuristics. We’ve also brought much more ...

  • The Power of Search – NEW Dome9 Policy Reports!

    August 6, 2015

    Screen Shot 2015-08-06 at 4.02.47 PM

    One of the strong attributes of Dome9 SecOps that our customers love is the simplicity and the time to value of the service. Going from scratch to a comprehensive security framework with a broad array of security and compliance controls is a process now measured in minutes instead of hours or days. Customers can quickly ...

  • AWS Security Group Management is NOT a Checklist of Tasks

    July 30, 2015


    A recent blog post by Harish Ganesan describes 27 best practices for managing AWS security groups. The post received many comments and lots of attention, which certified what we, at Dome9 Security, already know: Security Groups are one of the main pillars of network security in the cloud, but often present many new challenges. On AWS, Security ...

  • Getting Started with Network Security from the Leading Cloud Trio: AWS, Azure and Google

    July 13, 2015


    All public cloud vendors provide the notion of a software defined data center with its own resources and secure networks. A strict separation exists between the various customers’ environments on a common and flexible infrastructure. Over the last two years, competition has increased as Azure and Google joined the AWS led IaaS cloud market. As a ...

  • Yes, Dome9 Clarity Visualization now supports AWS CloudFormation

    June 26, 2015


    On the heels of another great set of Dome9 Clarity Visualization updates, we are happy to share new AWS CloudFormation template support for Clarity Visualization.  Amazon Web Services customers can now further leverage the investment they have made in AWS CloudFormation by utilizing Dome9 to visually display the network security ‘footprint’ and to highlight vulnerabilities ...

  • Cloud Security MRI with Dome9 Clarity Visualization

    June 1, 2015

    Dome9 Clarity Visualization

    One of the things our customers love about us on the Amazon Web Services platform is Dome9 Clarity Visualization – our unique and innovative console to visualize AWS security policies by mapping security group and instance configurations and relationships.  Armed with Clarity Visualization, customers can for the first time get a real-time topology map of ...

  • The Magic of Beginnings

    May 12, 2015

    Patrick Pushor

    “Be daring, be different, be impractical, be anything that will assert integrity of purpose and imaginative vision against the play-it-safers, the creatures of the commonplace, the slaves of the ordinary.” — Cecil Beaton When I ‘officially’ began my IT career in 1995, I had no idea I would wind up here – at the intersection of ...

  • Introducing the new Dome9 user experience

    October 29, 2014


    One of the characteristics of a strong product team is a penchant for continuous improvement and that is one of the ways we measure ourselves at Dome9. The changes that we have introduced last week to our UI are a direct result of those exacting criteria.

  • Consuming Dome9 Events in Log / SIEM Systems

    May 16, 2014


    (or how can Dome9 play nicely in a large security orchestra) This is something we keep getting asked by our users so I decided to write a little blog series on this hot topic. Dome9 & AWS SNS  Integration Not so known is the fact that Dome9 can send your Dome9 events (those ones from the Audit tab) ...

  • Announcing 2 new Dome9 API Capabilities : IPLists and Blacklist TTL

    November 26, 2013


    Dome9 is pleased to announce 2 new capabilities to our API: 1. IP Lists API Dome9 users can now utilize IPlists programmatically – with full CRUD operations. This is especially useful when there is a need to automate trust with external entities or IP addresses that are not part of an existing AWS security group(s). Examples include ...

  • Secure your AWS Cloud and solve the energy crisis

    November 11, 2013


    Its simple, start a 30 day Dome9 trial and connect it to secure your EC2 and VPC networks and hosts. You’ll win twice: Peace of mind, and a Personal power pack. Dome9 SecOps for AWS coupled with Dome9 Clarity is the best way to manage your AWS network and host security. Period. Take this opportunity to join ...

  • Attending re:Invent? Schedule a Private Security Analysis of your AWS Cloud

    November 7, 2013


    The Dome9 team is heading to Las Vegas for the cloud event of the year: AWS re:Invent 2013 Dome9 empowers AWS cloud users by enabling them to execute optimal security preferences to meet their business goals. Now, with the introduction of Clarity, DevOps, IT and security teams are granted a detailed visual picture of their permitted ...

  • Dome9 Clarity – Street-view for AWS Security

    October 9, 2013


    We are thrilled to announce the launch of Dome9 Clarity. This new solution provides an actual visual picture of your Amazon EC2 and VPC and Security Group configurations. Do you have the ability to completely audit your entire AWS estate for security at the click of a button? In the past, reviewing an AWS cloud firewall ...

  • Dynamic blacklisting meets the Honeyport honeypot

    August 26, 2013


    We have released our blacklisting feature a while ago and made sure it is fully supported by our Cloud Security API to allow Dome9 users to automate adding suspicious IP addresses to their account-wide blacklist. Recently, our friend Sebastien @securitygen who runs Security Generation has decided to put the blacklist API to use and connected it to what he calls, ...

  • Meet the Dome9 Team at AWS Summit Events

    April 14, 2013


    Dome9 is a proud sponsor of three AWS Summit events, taking place this April 2013 AWS Summit New-York City April 18th AWS Summit London April 23rd AWS Summit San Francisco April 30th Meet Our Team We invite everyone to visit our teams, introduce themselves and get a preview of what’s coming up from Dome9 later this year. You’ll have a chance to meet the team ...

  • New Cloud Security API & Amazon SNS Intergation

    March 21, 2013

    Screen Shot 2013-03-18 at 1.00.57 PM

    I’m excited to announce the availability of our new cloud developer API to our rapidly growing community of users, developers, IT experts and security geeks. The new API, available at, allows you to programmatically interact with our service and tightly integrate our secure access leasing with your applications and infrastructure. With this, you can seamlessly grant ...

  • 5 Reasons VPNs Suck in the Cloud

    February 14, 2013


    If you’ve been around the block a few times, you’re probably wondering why the title of this post isn’t, 50 Reasons VPNs Suck in the Cloud. VPNs have long been the bane of both administrators and users (and lets not forget, support). They’re clunky, complex, and costly, and the same is true when they’re deployed ...

  • Patriot Act vs Data Protection Laws – USA vs Europe

    February 6, 2013


    This is a guest post written by our friends at Lunacloud. Security and Privacy are two sides of the same coin. You don’t want to risk your information by having the wrong policies or wrong technology in place. But in the legal landscape your information or your customer’s information can be sent to a third-party, without ...

  • 5 Biggest Mistakes Admins Make With Cloud Firewalls

    February 4, 2013


    The Cloud can be a great investment for most organizations. It offers the promise to significantly increase capacity and agility, while simultaneously reducing costs. Companies invest significant resource to attain a great ROI in the cloud, but if that investment isn’t secured, migrating could turn out to be a disaster. Most cloud adopters underestimate ...

  • New AWS Security Monitoring & Alerting

    January 29, 2013

    AWS Monitoring

    Monitor, audit, and get alerts for your Amazon cloud We’re pleased to introduce an all-new set of capabilities for AWS EC2 and VPC. Available with our SecOps for AWS service, Dome9 can now monitor security policy for your entire global AWS infrastructure, including: • Monitor one or more AWS Security Groups for changes and ...

  • PCI Compliance for AWS EC2 & VPC

    January 16, 2013

    PCI Credit Card

    Making sure you’re PCI compliant in Amazon Web Services We recently published some information on PCI Compliance in the Cloud, highlighting how Dome9 can help with several sections of the PCI DSS regulation for cloud computing. As a follow up, we thought we’d dive a bit deeper into how this applies within AWS EC2 & ...

  • 5 Cloud Security Tips for 2013

    January 8, 2013


    If you’re like most, cloud is going to be a big part of your life in 2013. So to help you start the year off right, we’ve prepared the following tips for securing your cloud servers. Here are your 5 cloud security tips for 2013 (in no particular order): Tip #1: Lock down the server firewall Big ...

  • It’s Here – Stone Cold Blacklisting [Updated]

    December 10, 2012


    It’s probably been our #1 most requested features, so we’re pleased to announce that Dome9 now boasts blacklists for servers securef via the Dome9 Agent. Last month we unveiled our IP Lists feature, which lets you define lists of IPs that you can use in rules spanning multiple servers and clouds. Now, added to this, ...

  • New Dome9 Pricing Plans

    November 15, 2012

    Pricing Thumbnail

    As you may have heard, we recently changed our pricing plans. So we thought we’d take a minute here to explain what exactly has changed and why we did it. What’s changed, and why? Frankly, a lot has changed and for good reason! We changed our billing model from utility to flat-rate, we added a ...

  • Customer Love: From Skeptic to Evangelist

    November 12, 2012

    Smiley Cloud

    Every now and then a customer writes you – out of the blue – to send a little love your way. We’re extremely fortunate to have this happen more and more these days as we grow. Most of the time folks write us with a technical question or feature suggestion. We LOVE these kinds ...

  • New MagicDNS & IP Lists for Dynamic Policy [Updated]

    November 7, 2012

    Cloud Wand

    One of the great things about Dome9 is our focus on making cloud server security simple. So it’s with great pride that we unveil a simple, yet incredibly powerful new set of dynamic policy controls that we think you’re going to love! Feature #1 – Dome9 IP Lists As a Dome9 user, you can now define ...

  • Behind the Scenes of SecOps for AWS

    October 31, 2012

    SecOps Blog Post copy

    We’ve recently announced SecOps for AWS – a purpose-built security management platform for AWS power users. So, I thought I’d take a moment to give everyone a peek behind the curtain of this new offering. Before SecOPs for AWS Dome9 has been able to control and manage AWS security groups for more than a year – static ...

  • Microsoft’s Big Blunder in Windows Server 2012 [Updated]

    October 2, 2012

    Windows Server License Pack

    Try before you buy Windows Server? Not anymore… Windows Server is facing a big challenge both in the traditional enterprise and in the cloud. Linux continues to gain momentum, especially as we see growth in the adoption of cloud and virtualization, driven in part by the fact that these cool and agile Linux distributions come at ...

  • Ubuntu Firewall – 5 Commands to Get Started

    September 26, 2012


    As one of the most widely deployed cloud server operating systems (OS), Ubuntu Server is a great platform to use in just about any cloud. The latest version (12.04 LTS) provides some great new enhancements spanning orchestration and provisioning, as well as OpenStack deployment for private clouds. But how’s the security – specifically, the firewalling? ...

  • Cloud, Meet Mobile!

    August 31, 2012

    iPhone App Button

    Introducing the Dome9 iPhone App It’s with great pride that we announce the availability of the Dome9 iPhone App! Our new iPhone App is available free in the Apple App Store. It provides on-demand secure access to your cloud servers right from your phone. Watch this short video to see how it works! Dome9 iPhone App ...

  • Demystifying AWS Infographic

    August 24, 2012

    Screen Shot 2012-08-24 at 11.33.02 AM

    Our friends at Newvem are at it again. They’ve just released an incredible infographic on Demystifying Amazon Web Services (AWS). The new infographic demonstrates the size of Amazon’s cloud and reveals usage analysis including a deep dive on reserve instances. And, since this comes from Newvem – the experts in usage analytics – it ...

  • Rackspace Cloud Security Tip #4

    July 31, 2012


    Securing a Rackspace Hybrid Cloud We’ve covered a lot of ground already with our Rackspace Cloud Security blog series. In our last three posts, we’ve said how to:   –  Make your Rackspace servers invisible;   –  Create Rackspace Security Groups; and   –  Setup multi-user secure access. Now, to round out this month’s series, let’s close with five must-have’s to secure your Rackspace hybrid cloud. Just ...

  • Rackspace Cloud Security Tip #3

    July 24, 2012


    Multi-user Rackspace Cloud Security In our last post on creating Rackspace security groups, we went in-depth on how (and why) you should setup group-based policy management for your various Rackspace cloud servers. So now that we’ve shown how to configure policy for your servers, let’s now do the same for your users. Managing access to your ...

  • Rackspace Cloud Security Tip #2

    July 20, 2012

    Cloud Puzzle

    Create Rackspace Security Groups In our last post on securing Rackspace cloud servers, we talked about closing service ports like RDP and SSH to ward off hackers and enable secure, remote access. So now that we’ve locked the machines down, let’s turn our attention to management. Security management is often overlooked as a critical enabler to the ...

  • Rackspace Cloud Server Security Tip #1

    July 18, 2012

    Screen Shot 2012-07-18 at 4.05.03 PM

    As you may have seen, we’ve just made Dome9 available via the enhanced Rackspace Multi-Cloud Marketplace. Now Rackspace customers can sign up for either our Lite Cloud or Business Cloud plans and add Dome9 directly to their monthly Rackspace bill. So to support our launch, we thought we’d highlight a few cool things you can ...

  • Pair Your Cloud and Mobile Security

    July 11, 2012

    MDP Thumbnail 150px

    New strong, 2-factor authentication combines the best in cloud and mobile for enhanced security We’re pleased to introduce our new strong authentication feature for Dome9’s cloud security management. Dome9’s strong authentication works across all PCs and mobile devices with no dedicated hardware token, making it easy to get secure, two-factor authentication on-the-fly from anywhere in the world. Our ...

  • New Dome9 Magic IPs for CloudFlare [Updated]

    June 28, 2012


    We’ve just released a new feature for Dome9 called Magic IPs, and invite you to setup yours for your CloudFare protected web servers. Magic IPs are specific IP address lists that Dome9 maintains, and we’ve created one called {cloudflare} for CloudFlare customers like you. Dome9 Magic IPs allow trafficonly through the CloudFlare network When you setup your ...

  • Vulnerabilities Plague Microsoft Windows Servers Remote Desktop Protocol (RDP) Port 3389

    June 18, 2012


    Microsoft warns of yet another CRITICAL vulnerability and advises customers to act quickly. Dome9 customers remain protected. In what’s become a somewhat routine occurrence, Microsoft has issued yet another alert detailing a critical operating system vulnerability affecting it’s customers – CVE-2012-0173. Read the Microsoft security bulletin Similar to others before it, including the announcement of CVE-2012-0002 (March, ...

  • Your Copilot in the Cloud

    June 5, 2012


    Make Securing Your Cloud Servers a No-Brainer Securing your cloud servers is ultra critical. But unfortunately it can also be pretty complex, and not everyone can be a security guru on top of his or her day job. So we’ve built a cool little tool called the Dome9 Copilot to make cloud security a ...

  • VPN Clients are Dead in the Cloud

    May 16, 2012


    That’s it – I said it! Why, you ask? Because VPN clients are useless, a pain in the butt, and provide no value when deployed to secure cloud server access! VPN clients were born to protect the authentication phase and make sure you don’t send passwords in the clear. The confidentiality of your email or intranet communications ...

  • On-Demand Security for HP Cloud

    May 11, 2012


    Following our announcement supporting the new HP Cloud as one of a select few security vendors in the HP Cloud Services partner ecosystem, we thought we’d give this brief post on how to secure your HP Cloud Servers with Dome9. First, for those that aren’t aware, HP Cloud has just launched a public beta, offering a ...

  • Bringing Sexy Back to Security

    April 25, 2012

    Dome9 Chrome App - Browser Button

    That’s right – we said it… and frankly we think it’s about time someone did! We’re focused on making cloud security simple and dare we say, sexy. And in that light, we’re pleased to unveil something new that we think you’re going to fall in love with: Dome9 Instant Access. Available today for ...

  • Cloud Security Infographic Asks How Good is Your Cloud Security?

    April 19, 2012


    New cloud security infographic asks, How Good is Your Cloud Security? The data comes from the Ponemon Research report on Managing Firewall Risks in the Cloud, which is available at

  • SoftLayer Spotlight Shines on Dome9

    April 4, 2012

    Dome9 in SoftLayer Marketplace

    We’re pleased to announce that we’ve partnered with industry leader SoftLayer to make Dome9 available in the SoftLayer Technology Marketplace. Available immediately, SoftLayer dedicated, managed, and cloud server customers can sign up for Dome9 at and add our automated cloud security to any SoftLayer server. Cloud servers are often left vulnerable to attack because they operate ...

  • How to Eliminate Threat to Cloud Servers from Microsoft RDP Vulnerability

    March 22, 2012


    Last week Microsoft released Critical Security Bulletin MS12-020 announcing a vulnerability in the Remote Desktop Protocol (RDP) affecting all of its OS server licenses. The vulnerability allows hackers to gain control of any Windows server running RDP and execute remote code without any authentication to the server. The exploit affects all versions of Windows Server ...

  • Securing Your Virtual Private Cloud

    March 14, 2012


    The value of automated cloud server firewall management to actively protect public facing network services is obvious; a “closed by default” approach where network ports are opened on-demand and only for as long as you need them to be, and only for the correct users ensures the servers outside your traditional perimeter are continuously secured. ...

  • Now there’s no excuse not to Secure Your Cloud™

    March 7, 2012


    Introducing Dome9 Lite Cloud – 100% Free Security for Any Server in Any Cloud First off – yes, it’s free. And not just for one server or a few dozen… it’s free for an unlimited number of servers. There aren’t any fees, now or ever, and just to prove it you don’t have to enter your ...

  • The Calm Before the Storm

    February 25, 2012


    It’s the weekend and our last bit of calm before an amazingly busy next week in San Francisco at the RSA Conference 2012. We’ve got an exciting week of activities planned, which we’ve outlined below. If you happen to be at the conference or would like to meet up in San Francisco, let us ...

  • Amazon’s AWS EC2 Security Made Easy

    February 8, 2012


    New Multi-Region & Account Management for Amazon’s AWS EC2 Security Groups That’s Right! We’re proud to unveil the first-ever multi-region, multi-account management for AWS EC2 Security Groups. Available in Dome9 Central, you can now centrally manage EC2 Instances from multiple regions – even those from multiple accounts – with Dome9. Adding an AWS region is fast and ...

  • Announcing Dome9 Security Groups

    January 25, 2012


    Wow – what an amazing year 2011 was for the team at Dome9 Security. We came out of stealth mode, announced funding, launched general availability, unveiled a slew of exciting new partnerships, and now, to kick off the new year, we’re unveiling our latest engineering feat, Dome9 Security Groups. Dome9 Security Groups is an all-new ...

  • Dome9 Recognized for Security Innovation

    January 10, 2012


    We’re honored to be among ten recently announced finalists for the “Most Innovative Company at RSA Conference 2012.” The RSA Conference is the capstone security conference of the year. Being chosen recognizes the hard word and expertise of all the contributors on our team, and to the many customers and partners whose feedback has helped shape ...

  • The Big Crack in Cloud Security

    January 5, 2012


    With the New Year having rolled in, you’ve probably had your fill of “This is the year of (pick your technology, fill in the blank)” predictions. After all, for how many years now have we heard, “This is the year for cloud computing?” While there’s no doubt that the wave of cloud computing continues to ...

  • New Partnership Extends Dome9 to Colocation Market Leader

    December 7, 2011


    We’re pleased to unveil our new partnership with market leader Colocation America. Established in 2000, Colocation America has quickly grown to become one of the most reliable data center providers in the United States, and the premier Los Angeles data center provider. Our new partnership offers Dome9’s firewall management service to Colocation America’s growing customer ...

  • Dome9: Automated Firewall Management for Rackspace Cloud Servers

    November 9, 2011

    Dome9 Securing Rackspace Cloud

    This is a guest post written by Zohar Alon, Co-Founder and CEO of Dome9 Security, a Rackspace Cloud Tools partner. Dome9 provides the first-ever automated cloud firewall management service to secure your Rackspace Cloud. The original post is available at You wouldn’t leave your car unlocked in a public parking lot…don’t leave your server ...

  • Best Growth Stock Deploys Dome9 Cloud Security

    October 25, 2011


    Dome9 Cloud Security Firewall Management Protects Servers for Leading Financial Analysis Website; Saves Time and Money While Consolidating Server Infrastructure Best Growth Stock is a premier financial analysis and content provider, servicing thousands of customers and partners, including Reuters, with the most current stock market information, news, and investment analysis. Before deploying Dome9, the ...

  • Join Dome9 at Cloud Expo, Nov. 7-10

    October 11, 2011


    Join the Dome9 Security team at Cloud Expo, November 7-10 at the Santa Clara Convention Center. We’ll be exhibiting in the main aisle at booth number 522 amidst what’s expected to be one of the largest cloud events of the year.  Stop by, say hello, and see our cloud firewall management service in action on the show ...

  • Dome9 App Now Available for CloudFlare Customers

    October 6, 2011


    We’re proud to announce that Dome9 is now available as a CloudFlare App. CloudFlare customers using dedicated or virtual private servers can sign up through CloudFlare Apps to secure both their website and web server. CloudFlare secures web traffic on port 80 while Dome9 ensures other, non-web ports typically left open – like SSH and RDP ...

  • Cloud Security Part 2: The SECRET Sauce

    October 4, 2011

    Automate Cloud Firewall Security

    The key to effective cloud security is like a two-sided coin – one side is security (of course) while the other is management. Most overlook the later, only to realize how critical management is when it’s too late and they’ve given up on the first, security. Securing your cloud needs to offer protection that includes ...

  • Cloud Security Part 1: Why So Many Cloud Servers are Vulnerable

    September 21, 2011

    Server administrative Login

    You wouldn’t leave your car unlocked in a public parking lot, so why are so many organizations leaving their servers unlocked in the cloud? Security is the number one concern for cloud adoption. Deployment of cloud applications is daunting when you consider the risks of having your applications, infrastructure, IP and private information in the cloud.  ...

  • We have a Lift-off: Dome9 Security Launches!

    September 12, 2011


    It’s with tremendous pride that today we announce generally availability of our first-ever cloud server security management service. Read the Press Release Dome9 offers a truly innovative service, designed to manage server security in the fast growing hosting and cloud industry.  Our service provides end customers and managed service, hosting, and cloud providers with many ...

  • Microsoft Warns Over New ‘Morto’ Worm Targeting RDP; Dome9 Customers Protected

    August 31, 2011


    A new worm called Morto is spreading across Windows hosted and cloud servers.  The worm targets servers with open RDP (Remove Desktop Protocol) scanning infected host’s subnet for servers running RDP, and then attempting to connect to and obtain control of the machine using a preset list of usernames and passwords. Hosted and cloud service ...

  • Visit us at HostingCon 2011 in San Diego!

    August 1, 2011


    We’re just a week away from HostingCon 2011 in sunny San Diego, and we’re proud to share that we’re an exhibitor (booth #236).  It’s sure to be a great show.  They’ve got more than 1,800 people registered for the event and a terrific lineup of speakers and sessions. We at Dome9 are especially excited because we’ve ...

  • Welcome to the Dome9 Security Blog

    August 1, 2011


    I’d like to welcome you to our blog on behalf of the entire team at Dome9! Cloud is one of the fastest growing yet least understood and secured spaces today.  We at Dome9 are committed to helping customers achieve the best, most efficient security in the cloud through our first-of-a-kind cloud security management-as-a-service. We’ve launched this blog ...