Better Together: AWS and Trend Micro

There’s a very good reason why AWS remains a leader in cloud computing. While many providers describe themselves as “customer obsessed,” few come close to our long-time partner in the lengths it goes to earn and retain the trust of its customers.

AWS starts with the customer and works backwards. That means the vast majority of its feature enhancements and new services are directly driven from their input. The latest is Amazon GuardDuty Malware Protection.

This threat detection tool, which will work closely with Trend Micro cloud solutions, will provide another valuable layer of defense in our fight against a shared adversary.

Shining a light on an expanding attack surface

Spurred by a drive for greater cost efficiency and business agility, global organizations are migrating to the cloud in droves. Gartner predicts the worldwide market for public cloud services will reach almost $495bn this year, and grow by over 21% in 2023. In this environment, security remains a persistent concern for cloud builders, because if not properly managed, investments can increase the digital attack surface.

According to recent Trend Micro research, many global organizations are already struggling to securely manage their cloud assets. We found that 73% of IT and business leaders are concerned with the size of their attack surface, and 43% claim it is “spiralling out of control.” Cloud is the area where most respondents say they have least insight. They want their cloud providers to do more—for example by building enhanced detection into their systems, to complement third-party tools.

That’s part of the reason why AWS built Amazon GuardDuty Malware Protection. This new feature is triggered by detection of known malicious signatures across the cloud network. Based on this detection, the service scans the associated Amazon EBS storage environment for malware and reports any findings to AWS Security Hub. Open APIs from here link to products like Trend Micro Cloud One to enhance existing detection and response efforts.

Better together

Trend Micro and AWS have been working closely together for over a decade now, and this latest announcement represents another exciting stage in the journey. Customers will welcome AWS native threat detection as a complement to their Trend Micro Cloud One capabilities, delivering a comprehensive range of features to secure the hybrid cloud. Once they add the AWS tool to our virtual patching, vulnerability scanning, lateral movement detection, posture management and other capabilities, joint customers will have a powerful set of integrated offerings to deliver simple, all-in-one cloud security and compliance.

In addition, this move from AWS validates our XDR strategy, which is focused on using as many data sources as possible to enhance detection and response. The bottom line is that security takes a village. Customers, cloud providers and security vendors have a shared responsibility to work together as the threat landscape continues to evolve. That’s what we’ll continue to do, expanding and deepening our strategic partnerships with AWS and other providers in a collective effort to make the digital world safer.


Spectre and Meltdown Attacks Against OpenSSL

The OpenSSL Technical Committee (OTC) was recently made aware of several potential attacks against the OpenSSL libraries which might permit information leakage via the Spectre attack [1]. Although there are currently no known exploits for the Spectre attacks identified, it is plausible that some of them might be exploitable.

Local side channel attacks, such as these, are outside the scope of our security policy, however the project generally does introduce mitigations when they are discovered. In this case, the OTC has decided that these attacks will not be mitigated by changes to the OpenSSL code base. The full reasoning behind this is given below.

The Spectre attack vector, while applicable everywhere, is most important for code running in enclaves because it bypasses the protections offered. Example enclaves include, but are not limited to:

The reasoning behind the OTC’s decision to not introduce mitigations for these attacks is multifold:

  • Such issues do not fall under the scope of our defined security policy. Even though we often apply mitigations for such issues we do not mandate that they are addressed.
  • Maintaining code with mitigations in place would be significantly more difficult. Most potentially vulnerable code is extremely non-obvious, even to experienced security programmers. It would thus be quite easy to introduce new attack vectors or fix existing ones unknowingly. The mitigations themselves obscure the code which increases the maintenance burden.
  • Automated verification and testing of the attacks is necessary but not sufficient. We do not have automated detection for this family of vulnerabilities and if we did, it is likely that variations would escape detection. This does not mean we won’t add automated checking for issues like this at some stage.
  • These problems are fundamentally a bug in the hardware. The software running on the hardware cannot be expected to mitigate all such attacks. Some of the in-CPU caches are completely opaque to software and cannot be easily flushed, making software mitigation quixotic. However, the OTC recognises that fixing hardware is difficult and in some cases impossible.
  • Some kernels and compilers can provide partial mitigation. Specifically, several common compilers have introduced code generation options addressing some of these classes of vulnerability:
    • GCC has the -mindirect-branch, -mfunction-return and -mindirect-branch-register options
    • LLVM has the -mretpoline option
    • MSVC has the /Qspectre option

  1. Nicholas Mosier, Hanna Lachnitt, Hamed Nemati, and Caroline Trippel, “Axiomatic Hardware-Software Contracts for Security,” in Proceedings of the 49th ACM/IEEE International Symposium on Computer Architecture (ISCA), 2022.

Posted by OpenSSL Technical Committee May 13th, 2022 12:00 am


Your Guide to WordPress Favicons

Recognition is crucial for your website to succeed. From creating a great logo to developing key messaging and delivering great content, the easier it is for visitors to recognize your brand, the better the chances they’ll remember your site and make the move from content curiosity to sales conversion.

But reliable recognition isn’t just about the big things — done well, even the smallest details of your WordPress website can help it stand out from the crowd and attract customer notice. This is the role of the favorite icon or “favicon” that’s used in web browser tabs, bookmarks, and on mobile devices as the app image for your site.

Not sure how favicons work or how to get them up and running on your site? We’ve got you covered with our functional guide to favicons — what they are, why they matter, and how to enable them in WordPress.


What is a WordPress Favicon?

The official WordPress support page defines a favicon as “an icon associated with a particular website or web page.” This description doesn’t do the term justice — in fact, favicons are everywhere and are intrinsically associated with your brand.

Let’s take a closer look at how favicons look and why they matter below. 

WordPress Favicon Size

The typical size of a WordPress favicon is 512 x 512 pixels. These icons are stored as .ico files in the root directory of your WordPress server.

But what does a favicon look like in real life? For a quick example, take a look at the browser tab of this webpage if you’re on a desktop or the area just under the address bar on your mobile device. Notice anything? That orange symbol with lines and circles is HubSpot’s favicon — and it shows up anytime you’re on our site.

In most cases, favicons are the same as brand logos scaled down to fit web and mobile browsers. Where this isn’t possible — such as cases where your logo is too complex or detailed — site owners typically opt for similar color schemes and thematic elements to ensure brand consistency.

Once you start seeing favicons you can’t unsee them; from webpages to tabs to bookmarks and mobile applications, the icon you choose for your favicon is inextricably linked to your site and your brand — so make sure you choose wisely.

Why Favicons Matter

Favicons are the visual currency of your brand. They’re everywhere — from browsers to bookmarks to mobile apps — and become an integral part of your site’s overall branding strategy.

As a result, effective favicon design and deployment offers three broad benefits:

Improved Brand Recognition

Think of your favicon like your calling card — the icon needs to be simple, recognizable and consistent. The more places your favicon appears, the better, since this makes it easy for users to connect your WordPress site with your icon image.

Consistency is also key as users open multiple browser tabs and the available space for text descriptions naturally shrinks. Open enough tabs and all that’s left is — you guessed it — room for the favicon.

Increased Consumer Confidence

While visitors may not be able to define what a favicon is or how it works, these icons are inherently familiar. So familiar, in fact, that sites without favicons often stand out from the crowd for all the wrong reasons.

Much like relevant social media content and secure site connections, favicons are critical to boosting consumer confidence in the products or services you offer on your site.

Integrated Mobile Consistency

The impact of mobile devices can’t be ignored, with smartphones and tablets now outpacing desktops as the primary means of consumer online interaction. Favicons make it possible to ensure your brand easily translates to mobile — when users create website bookmarks on mobile home screens, your favicon stands in for the link.

Favicon Creation Guidelines

Not sure how to get started creating your site’s favicon? Let’s break down some best-practice guidelines.

1. Get the size right.

As noted above, favicons are typically 512 x 512 pixels in size. While it’s possible to use a larger WordPress favicon size, the platform will often ask you to crop the image down.

2. Keep it simple.

While it’s possible to add background colors and other customization to your favicon, keeping it simple is often the best choice. Here, simplicity includes opting for transparency over background colors and keeping the number of foreground colors in your favicon to one or two at most.

Ideally, your favicon will look almost identical to your brand’s logo — if that’s not possible, try to pull elements from your logo such as shapes or color schemes that help tie in your new favicon.

3. Choose wisely.

Site owners can update their favicon at any time, but it’s a good idea to keep the number of changes to a minimum. Here’s why: If users see a different favicon every time they log on to your website, they won’t have an opportunity to associate a specific image with your brand.

Bottom line? Better to go without a favicon until you find one that works for your site and that you don’t plan on changing.

How to Enable WordPress Favicons

To get your favicon up and running on your WordPress site, you’ve got three options:

  1. Use the Site Icon feature
  2. Install a favicon plugin
  3. Upload the new favicon yourself

Let’s break down each method in more detail.

1. Use the site icon feature.

As of WordPress version 4.3, the content management system (CMS) includes a Site Icon function that enables favicons. Simply prepare your image file — which can be a .jpeg, .ico, .gif or .png file — and head to the Administration page of your WordPress Site.

Next, click on “Appearance” and then “Customize”, then click “Site Identity.” Now, click “Select Image” under the Site Icon subheading and upload the file you’ve prepared. You should see a screen like this:

Using site icon feature in WordPress dashboard to create favicon

If you like the favicon you’ve created, no further action is required. If not, you can easily remove the file or upload a new image.

2. Install a favicon plugin.

You can also use a plugin — such as Favicon by RealFaviconGenerator — to create and deploy your favicon. This must-have WordPress plugin not only lets you customize your favicon but also ensures that multiple versions are created to satisfy the requirements of different operating systems and device versions.

As long as the image you upload to the plugin is at least 70 x 70 pixels, the RealFaviconGenerator will take care of the rest.

3. Upload the new favicon yourself.

If you’d rather do the legwork yourself, you can create and upload your own favicon to your WordPress site.

First, create an image that’s at least 16 x 16 pixels and is saved as a .ico file. Then, use an FTP client to upload this file to the main folder of your current WordPress theme — typically the same place as your wp-admin and wp-content folders.

While this should display your favicon in most web browsers, some older browser versions will require you to edit WordPress header HTML code. The result? DIY favicons aren’t recommended unless you’re familiar with more technical WordPress functions.

Final Favicon Thoughts

While favicons form only a small part of your WordPress website build, they’re critical for website recognition. Consistent and clear favicons make it easy for visitors to remember your site and carry this mental connection across desktop, tablet, and mobile devices.


Vulnerability in Amazon Photos Android App Exposed User Information

Cybersecurity firm Checkmarx has published details on a high-severity vulnerability in the Amazon Photos Android application that could have allowed malicious apps to steal an Amazon access token.

With more than 50 million downloads, Amazon Photos offers cloud storage, allowing users to store photos and videos at their original quality, as well as to print and share photos, and to display them on multiple Amazon devices.

In November 2021, Checkmarx researchers identified an issue in the application that could have leaked the Amazon access token to malicious applications on the user’s device, potentially exposing the user’s personal information. The bug was addressed in December 2021.

The leaked Amazon access token is used for user authentication across Amazon APIs, including some that contain personal information such as names, addresses, and emails. Through the Amazon Drive API, for example, the attacker could access the user’s files, Checkmarx says.

The issue, the researchers explain, resided in a misconfigured component that was “exported in the app’s manifest file, thus allowing external applications to access it.”

The issue resulted in the access token being sent in the header of an HTTP request, but the most important aspect was the fact that an attacker could control the server receiving this request.

“The activity is declared with an intent-filter used by the application to decide the destination of the request containing the access token. Knowing this, a malicious application installed on the victim’s phone could send an intent that effectively launches the vulnerable activity and triggers the request to be sent to a server controlled by the attacker,” Checkmarx notes.

The leaked token could provide the attacker with access to all of the user information available through the Amazon API. Using the Amazon Drive API, the attacker could access users’ files and read, re-write, or delete their contents.

The researchers also explain that the access token could have allowed anyone to modify files and erase their history, to prevent recovery, or could have completely deleted files and folders from the user’s Amazon Drive account.

“With all these options available for an attacker, a ransomware scenario was easy to come up with as a likely attack vector. A malicious actor would simply need to read, encrypt, and re-write the customer’s files while erasing their history,” the researchers say.

The vulnerability might have had a wider impact, given that the potentially affected APIs that the researchers identified represent only a small subset of the entire Amazon ecosystem, Checkmarx also notes.
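
A defender-side check for the misconfiguration class described above, as an added example (not code from Checkmarx, Amazon or the original article): it lists the activities, services and receivers in a decoded AndroidManifest.xml that other apps can reach, including those exported only implicitly because they declare an intent-filter without android:exported. The manifest, package and component names are constructed for illustration; content providers, which follow a different default, are out of scope.

```python
import xml.etree.ElementTree as ET

# Attribute names in a decoded manifest carry the Android XML namespace.
A = "{http://schemas.android.com/apk/res/android}"
COMPONENT_TAGS = ("activity", "activity-alias", "service", "receiver")

# Constructed sample input: a hypothetical app, not any real application's manifest.
SAMPLE_MANIFEST = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.photos">
  <permission android:name="com.example.photos.INTERNAL"
      android:protectionLevel="signature"/>
  <application>
    <activity android:name=".MainActivity" android:exported="true">
      <intent-filter>
        <action android:name="android.intent.action.MAIN"/>
        <category android:name="android.intent.category.LAUNCHER"/>
      </intent-filter>
    </activity>
    <activity android:name=".UploadRedirectActivity">
      <intent-filter>
        <action android:name="com.example.photos.action.VIEW_UPLOAD"/>
        <category android:name="android.intent.category.DEFAULT"/>
      </intent-filter>
    </activity>
    <activity android:name=".SettingsActivity"/>
    <service android:name=".SyncService" android:exported="true"
        android:permission="com.example.photos.INTERNAL"/>
    <receiver android:name=".BootReceiver" android:exported="false">
      <intent-filter>
        <action android:name="android.intent.action.BOOT_COMPLETED"/>
      </intent-filter>
    </receiver>
  </application>
</manifest>
"""


def _signature_permissions(root):
    """Names of permissions declared in this manifest with a signature base level."""
    names = set()
    for perm in root.iter("permission"):
        base = (perm.get(A + "protectionLevel") or "normal").split("|")[0]
        if base in ("signature", "signatureOrSystem"):
            names.add(perm.get(A + "name"))
    return names


def audit_manifest(xml_text):
    """Return exported components that are not guarded by a signature permission.

    For manifests from untrusted sources, parse with a hardened XML parser
    such as defusedxml instead of the standard library parser used here.
    """
    root = ET.fromstring(xml_text)
    app = root.find("application")
    if app is None:
        return []
    sig_perms = _signature_permissions(root)
    app_perm = app.get(A + "permission")  # application-wide default guard
    findings = []
    for comp in app:
        if comp.tag not in COMPONENT_TAGS:
            continue
        filters = comp.findall("intent-filter")
        declared = comp.get(A + "exported")
        if declared is None:
            # Before Android 12, a missing attribute means "exported" whenever
            # an intent-filter is present; apps targeting 12+ must declare it.
            exported, how = bool(filters), "implicit-intent-filter"
        elif declared.strip().lower() in ("true", "false"):
            exported, how = declared.strip().lower() == "true", "explicit"
        else:
            # e.g. a @bool/ resource reference: treat as exported until resolved.
            exported, how = True, "unresolved"
        if not exported:
            continue
        guard = comp.get(A + "permission") or app_perm
        if guard in sig_perms:
            continue  # only apps signed with the same certificate can call it
        actions = [a.get(A + "name") for f in filters for a in f.findall("action")]
        cats = {c.get(A + "name") for f in filters for c in f.findall("category")}
        findings.append({
            "tag": comp.tag,
            "name": comp.get(A + "name"),
            "how": how,
            "permission": guard,
            "actions": actions,
            # The launcher entry point is exported by design; review it last.
            "launcher": "android.intent.action.MAIN" in actions
                        and "android.intent.category.LAUNCHER" in cats,
        })
    return findings


if __name__ == "__main__":
    for f in audit_manifest(SAMPLE_MANIFEST):
        print(f["tag"], f["name"], f["how"], f["actions"])
```

Each non-launcher finding is a component whose incoming intent data comes from another app and should be reviewed as untrusted input, in particular anywhere it influences the destination of an authenticated request.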


Europe Agrees to Adopt New NIS2 Directive Aimed at Hardening Cybersecurity

The European Parliament announced a “provisional agreement” aimed at improving cybersecurity and resilience of both public and private sector entities in the European Union.

The revised directive, called “NIS2” (short for network and information systems), is expected to replace the existing legislation on cybersecurity that was established in July 2016.

The revamp sets ground rules, requiring companies in energy, transport, financial markets, health, and digital infrastructure sectors to adhere to risk management measures and reporting obligations.

Among the provisions in the new legislation are flagging cybersecurity incidents to authorities within 24 hours, patching software vulnerabilities, and readying risk management measures to secure networks, failing which can incur monetary penalties.

“The directive will formally establish the European Cyber Crises Liaison Organization Network, EU-CyCLONe, which will support the coordinated management of large-scale cybersecurity incidents,” the Council of the European Union said in a statement last week.

The development closely follows the European Commission’s plans to “detect, report, block, and remove” child sexual abuse images and videos from online service providers, including messaging apps, prompting concerns that it may undermine end-to-end encryption (E2EE) protections.

The draft version of NIS2 explicitly spells out that the use of E2EE “should be reconciled with the Member States’ powers to ensure the protection of their essential security interests and public security, and to permit the investigation, detection and prosecution of criminal offenses in compliance with Union law.”

It also stressed that “Solutions for lawful access to information in end-to-end encrypted communications should maintain the effectiveness of encryption in protecting privacy and security of communications, while providing an effective response to crime.”

That said, the directive will not apply to organizations in verticals such as defense, national security, public security, law enforcement, judiciary, parliaments, and central banks.

As part of the proposed agreement, the European Union member states are mandated to incorporate the provisions into their national law within a period of 21 months from when the directive goes into force.

“The number, magnitude, sophistication, frequency and impact of cybersecurity incidents are increasing, and present a major threat to the functioning of network and information systems,” the Council noted in the draft.

“Cybersecurity preparedness and effectiveness are therefore now more essential than ever to the proper functioning of the internal market.”


This World Password Day consider ditching passwords altogether

Did you know that May 5, 2022, is World Password Day?[1] Created by cybersecurity professionals in 2013 and designated as the first Thursday every May, World Password Day is meant to foster good password habits that help keep our online lives secure. It might seem strange to have a day set aside to honor something almost no one wants to deal with—like having a holiday for filing your income taxes (actually, that might be a good idea). But in today’s world of online work, school, shopping, healthcare, and almost everything else, keeping our accounts secure is more important than ever. Passwords are not only hard to remember and keep track of, but they’re also one of the most common entry points for attackers. In fact, there are 921 password attacks every second, nearly doubling in frequency over the past 12 months.[2]

But what if you didn’t have to deal with passwords at all? Last fall, we announced that anyone can completely remove the password from their Microsoft account. If you’re like me and happy to ditch passwords completely, read on to learn how Microsoft is making it possible to start enjoying a passwordless life today. Still, we know not everyone is ready to say goodbye to passwords, and it’s not possible for all your online accounts. We’ll also go over some easy ways to improve your password hygiene, as well as share some exciting news from our collaboration with the FIDO Alliance about a new way to sign in without a password.  

Free yourself with passwordless sign-in

Yes, you can now enjoy secure access to your Microsoft account without a password. By using the Microsoft Authenticator app, Windows Hello, a security key, or a verification code sent to your phone or email, you can go passwordless with any of your Microsoft apps and services. Just follow these five steps:

  1. Download and install Microsoft Authenticator (linked to your personal Microsoft account).
  2. Sign in to your Microsoft account.
  3. Choose Security. Under Advanced security options, you’ll see Passwordless account in the section titled Additional security.
  4. Select Turn on.
  5. Approve the notification from Authenticator.
User interface of Microsoft Authenticator app providing instructions on how to turn on passwordless account option.
Notification from Microsoft Authenticator app confirming user's password has been removed.

Once you approve the notification, you’ll no longer need a password to access your Microsoft accounts. If you decide you prefer using a password, you can always go back and turn off the passwordless feature. Here at Microsoft, nearly 100 percent of our employees use passwordless options to log into their corporate accounts.

Strengthen security with multifactor authentication

One simple step we can all take to protect our accounts today is adding multifactor authentication, which blocks 99.9 percent of account compromise attacks. The Microsoft Authenticator app is free and provides multiple options for authentication, including time-based one-time passcodes (TOTP), push notifications, and passwordless sign-in—all of which work for any site that supports multifactor authentication. Authenticator is available for Android and iOS and gives you the option to turn two-step verification on or off. For your Microsoft Account, multifactor authentication is usually only needed the first time you sign in or after changing your password. Once your device is recognized, you’ll just need your primary sign-in.

Microsoft Authenticator screen showing different accounts, including: Microsoft, Contoso Corporation, and Facebook.

Make sure your password isn’t the weak link

Rather than keeping attackers out, weak passwords often provide a way in. Using and reusing simple passwords across different accounts might make our online life easier, but it also leaves the door open. Attackers regularly scroll social media accounts looking for birthdates, vacation spots, pet names and other personal information they know people use to create easy-to-remember passwords. A recent study found that 68 percent of people use the same password for different accounts.[3] For example, once a password and email combination has been compromised, it’s often sold on the dark web for use in additional attacks. As my friend Bret Arsenault, our Chief Information Security Officer (CISO) here at Microsoft, likes to say, “Hackers don’t break in, they log in.”

Some basics to remember—make sure your password is:

  • At least 12 characters long.
  • A combination of uppercase and lowercase letters, numbers, and symbols.
  • Not a word that can be found in a dictionary, or the name of a person, product, or organization.
  • Completely different from your previous passwords.
  • Changed immediately if you suspect it may have been compromised.

Tip: Consider using a password manager. Microsoft Edge and Microsoft Authenticator can create (and remember) strong passwords using Password Generator, and then automatically fill them in when accessing your accounts. Also, keep these other tips in mind:

  • Only share personal information in real-time—in person or by phone. (Be careful on social media.)
  • Be skeptical of messages with links, especially those asking for personal information.
  • Be on guard against messages with attached files, even from people or organizations you trust.
  • Enable the lock feature on all your mobile devices (fingerprint, PIN, or facial recognition).
  • Ensure all the apps on your device are legitimate (only from your device’s official app store).
  • Keep your browser updated, browse in incognito mode, and enable Pop-Up Blocker.
  • Use Windows 11 and turn on Tamper Protection to protect your security settings.

Tip: When answering security questions, provide an unrelated answer. For example, Q: “Where were you born?” A: “Green.” This helps throw off attackers who might use information skimmed from your social media accounts to hack your passwords. (Just be sure the unrelated answers are something you’ll remember.)

Passwordless authentication is becoming commonplace

As part of a historic collaboration, the FIDO Alliance, Microsoft, Apple, and Google have announced plans to expand support for a common passwordless sign-in standard. Commonly referred to as passkeys, these multi-device FIDO credentials offer users a platform-native way to safely and quickly sign in to any of their devices without a password. Virtually unable to be phished and available across all your devices, a passkey lets you sign in simply by authenticating with your face, fingerprint, or device PIN.

In addition to a consistent user experience and enhanced security, these new credentials offer two other compelling benefits:

  1. Users can automatically access their passkeys on many of their devices without having to re-enroll for each account. Simply authenticate with your platform on your new device and your passkeys will be there ready to use—protecting you against device loss and simplifying device upgrade scenarios.
  2. With passkeys on your mobile device, you’re able to sign in to an app or service on nearly any device, regardless of the platform or browser the device is running. For example, users can sign in on a Google Chrome browser that’s running on Microsoft Windows, using a passkey on an Apple device.

These new capabilities are expected to become available across Microsoft, Apple, and Google platforms starting in the next year. This type of Web Authentication (WebAuthn) credential represents a new era of authentication, and we’re thrilled to join the FIDO Alliance and others in the industry in supporting a common standard for a safe, consistent authentication experience. Learn more about this open-standards collaboration and exciting passwordless capabilities coming for Microsoft Azure Active Directory in a blog post from Alex Simons, Vice President, Identity Program Management.

Helping you stay secure year-round

Read more about Microsoft’s journey to provide passwordless authentication in a blog post by Joy Chik, Corporate Vice President of Identity. You can also read the complete guide to setting up your passwordless account with Microsoft, including FAQs and download links. And be sure to visit Security Insider for interviews with cybersecurity thought leaders, news on the latest cyberthreats, and lots more.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.


Are bigger SSDs faster?

It’s possible you’ve read somewhere or someone gave you the following advice: a bigger SSD is faster. That is correct. If you take a specific SSD drive model and compare its 250 GB size variant to the 1 TB variant, the bigger one will be faster.

Again, I can’t stress this enough: we’re talking about the same model from the same manufacturer – only the size differs.

In this whole idea, we’re talking about comparing something like the Kingston A400 240 GB model to the Kingston A400 960 GB model. In this example, even the manufacturer states about 100 MB/s faster write performance.

Ok, but why is a bigger SSD faster?

To put it simply, a bigger SSD has more NAND chip ranks and more channels that they can use in parallel. This leads to faster data transfer. This is a lame simplified explanation.

This of course, varies from manufacturer to manufacturer and that is because there are different controllers out there, different things a manufacturer can do in the SSD’s firmware and so on. But usually, you’ll see a measurable difference between the low capacity drives and the higher capacity ones.

Consider the DRAM Cache

The way an SSD uses its cache is by placing data in this lower-latency area, called the cache, so future requests for that data can occur much faster. These caches are usually of two types: DRAM Cache or SLC Cache.

Fast SSDs usually have a DRAM cache. The controller of the SSD actually has this dynamic random-access memory (DRAM). Do not confuse this with the SLC cache.

Why would you care? Well, bigger SSDs have a bigger DRAM cache. Just check Samsung’s datasheet for the 870 EVO – on page 3 you’ll see the 1TB, 2TB, and 4TB have bigger and bigger DRAM caches than the 250/500GB drives.

That is the DRAM cache. It’s an additional chip!

DRAM Cache and SLC Cache are completely different animals. Yes they both do the ‘cache’ action. They both have the purpose of accelerating the drive’s speed, but the cost and logic are different.

A DRAM cache is basically a separate chip in the PCB of your SSD. This DRAM chip is responsible for the work in your SSD, just as your system RAM is responsible for the operation of your PC. It temporarily stores data for the purpose of accelerating processing.

And because of the temporary storage function of the DRAM cache, many read and write processes can directly use the data in this cache – and it is a lot faster than starting from the beginning.

When we’re talking about the SLC cache, it is not a separate chip. Because it is called a cache and it is not really a true SLC NAND Flash chip, but a part of the space in the TLC or QLC’s NAND Flash IC, it simulates the SLC writing method. It simulates it as in it writes only 1 bit of data in each cell. This does improve the read/write performance of the SSD. But not as long or as much as a DRAM cache.

But! For an SSD without a DRAM cache, just an SLC Cache, the speeds will drop dramatically after that cache is exhausted from sequential writes – they drop to the original value of the TLC NAND Flash. For these types of SSDs, without a DRAM cache, usually the indicated read/write speeds in the tech specs are measured using the SLC Cache. (The test does not get to saturate the SLC cache and the average speed is higher. But if it were to be really tested, we’d see lower numbers once the SLC Cache can’t keep up.)

The bottom line is: a drive without a DRAM Cache will not be able to sustain those advertised speeds for long.

Plus, a bigger DRAM Cache means you can abuse that drive more. By abusing, I mean giving it heavy workloads like a lot of writes/reads at once.

My 2cents? Never buy a DRAM-less SSD. SSDs that have a DRAM cache are so cheap nowadays it does not make sense to trade off the performance. Heck, I’ve seen DRAM-less SSDs a couple of bucks more expensive than the ones with a DRAM cache. I don’t know why.

How to tell if that SSD has a DRAM cache?

Just look up the datasheet on the manufacturer’s website. PCpartpicker also sometimes lists this specification in the Cache column.

If I’m in a hurry and the manufacturer does not say anything about the DRAM cache, I will assume it has none. If I really want to know, I just Google a review of that model.

TBW – total bytes written

A specification where bigger drives win again, as they allow for more writes before failure.

To be fair, a normal gamer/user will probably never saturate this even if we’re talking about a small drive. It takes a lot of work to actually write so much data and usually… you’ll probably want to upgrade to a bigger or faster drive before your old SSD fails.

Nonetheless, it is worth mentioning that the TBW figure is also bigger in a bigger SSD.

Always try to buy bigger and with DRAM Cache

Enough said. Spending a little more for a bigger drive with a DRAM cache is always worth it. Always!

Examples of popular SSDs that do have a DRAM cache:

  • Samsung 870 EVO, 860 EVO, 850 EVO, 860 PRO, 980 PRO, 960 PRO, 970 EVO drives
  • Crucial MX500 drives
  • Gigabyte Aorus Gen4 7000s
  • Patriot Ignite 960 GB
  • Kingston A2000 M.2

Do note that the list above is not complete. I’m sure I’ve missed some. Those are just some popular drives that I can actually recommend if you are looking for suggestions on what to buy – and always strive to get the biggest capacity you can afford!

Final thoughts

If there is one thing to remember from this whole article, it is this: buy as big as your budget allows and always buy an SSD that has a DRAM cache. These two ideas will guarantee that you’ll not be disappointed with your new SSD.

How to Defer Parsing of JavaScript Properly + WordPress Fix [Updated Guide]

Learn how to Defer Parsing of JavaScript to improve pagespeed score. And how you can fix ‘Eliminate render-blocking of JavaScript’ warning in Google PageSpeed Insights by deferring non-critical JavaScript(s). The newer version of Google PageSpeed Insight refers to this issue as ‘Eliminate render-blocking resources’; these render-blocking resources may include JavaScripts and CSS.

In this article, I will cover what defer parsing of JavaScript is, how to defer parsing of JavaScript properly, why you should defer parsing JavaScript, how to find the render-blocking JavaScript(s) that are to be deferred, how to defer multiple JavaScripts in one go, how you can defer parsing of JavaScript in WordPress with or without a plugin, and how deferred loading of JavaScript helps to speed up your website.

In a nutshell, we’ll eliminate render-blocking JavaScript(s) not by actually removing (deleting) them from the website code but by defer loading them, so that they stop blocking the loading (rendering) of meaningful content (the first paint) of the website.

These terms (the above terminology) might be overwhelming for you at first, especially if you’re not a tech guy.

But, don’t worry about that!

I am going to explain everything step by step in simple words, so that you can proceed at your own pace and implement the methods to fix ‘Eliminate render-blocking resources’ on your website/blog.

What is Defer Parsing JavaScript

A web page is made up of several components, which include HTML, CSS/stylesheets, JavaScript, and graphical components (images & icons). These components are stacked one over another in the code structure of the web page.

When a user types your website URL in the web browser’s address bar and hits enter, the browser first establishes the connection with the server on which your website is hosted.

Once the connection is established, the browser starts rendering the components of the webpage to display the web page.

The browser renders the components serially from the top towards the bottom of the webpage. That means what comes first rendered first and so on.

When the browser encounters JavaScript on a web page, it downloads the JavaScript, executes it, and then proceeds to render the next component. During this time the browser stops rendering the rest of the web page.

Every time the browser encounters JavaScript, it stops rendering the rest of the webpage until it has downloaded and executed the encountered JavaScript.

That’s how JavaScript blocks the critical rendering path.

To avoid this situation, Google Engineers recommend deferring non-critical JavaScript.

The question still remains the same, What is Defer Parsing of JavaScript?

Defer Parsing of JavaScript can be defined as the process of using defer or async attribute with JavaScript to avoid render blocking of the first paint of a web page. These attributes tell the web browser to parse and execute the JavaScript in parallel (asynchronously) or after (defer) the parsing of HTML of a web page. Thus, the visitors need not wait longer to see the meaningful content of the web page.

Difference between defer or async

Now you know that there are two attributes, defer and async, that can be used to defer JavaScript loading.

Before we talk about the difference between defer and async, let’s see how the <script> tag works.


Legend – async vs defer attribute

<script>

script tag

When we use the <script> tag to add a script to our code, the HTML keeps parsing until the script file is reached; from then on, parsing is paused until the script file has been downloaded and executed.

Suitability: Not recommended in most cases.

<script defer>

script defer attribute

When the defer attribute is added to the script tag, the script file is downloaded alongside the HTML parsing, but the downloaded script executes only after HTML parsing has completed.

Suitability: For non-critical script files.

<script async>

script async attribute

When the async attribute is used with the script tag, the script file downloads during HTML parsing, then HTML parsing pauses just to execute the downloaded script file.

Suitability: For critical script files that cannot be inline.  

Defer loading of JS & PageSpeed Insights recommendation

Let’s try to put this in a perspective with Google PageSpeed Insights warning and recommendation.

When you test a website using the Google PageSpeed Insights Tool, you get some warnings and recommendations to fix those warnings/errors.

Google PSI – Render blocking resources – JavaScripts to be deferred

The PageSpeed Insights (PSI) text for render-blocking resources says,

Eliminate render-blocking resources.

Resources are blocking the first paint of your page. Consider delivering critical JS/CSS inline and deferring all non-critical JS/styles.

This warning triggers for two different elements, i.e. JavaScript (JS) and CSS, when any of them block the critical rendering path during the website loading. Here in this article, we are discussing the JavaScript part.

(In the previous version of PageSpeed Insights Tool, the same warning (for the JavaScript) used to be called ‘Eliminate render-blocking of JavaScript’.)

In simple words, this warning triggers when there are some JavaScript(s) loading on your website which blocks the loading of the content that matters most to your visitors.

This means your visitors have to wait longer to see the meaningful content of your website because JavaScript(s) are blocking the rendering of content.

Clearly, Pagespeed Insights or other site speed testing tools (GTMetrix, etc.) show this warning/error, if your site loads some JavaScript(s) that block the loading of meaningful content (the first paint) of your site.

And this needs to be fixed.

Critical vs Non-critical JavaScript: Explained

As the Google PageSpeed Insights (PSI) recommendation says, you should deliver critical JS inline and defer all non-critical JS.

What does this mean?

Let’s break that down by terminology.

Critical JavaScripts: JavaScripts that are necessary to load during optimized critical rendering.

Non-critical JavaScripts: Those JS that can wait to load until the first meaningful content (the first paint) of the webpage has loaded.

Inline Delivery: Inline delivery refers to loading a resource (in this case JS) within the HTML code instead of calling/importing that separately.

Curious? Why does JavaScript block the critical rendering path in the first place?

We’ll discuss that in the next section with other reasons why you should Defer JavaScript Parsing.

Why You Should Defer Parsing of JavaScript

JavaScript Execution: is a Heavier Task

How does JS Affect SiteSpeed?

First of all, JavaScript(s) is one of the major culprits that make your website slow.

Wondering, why is that?

Because when the web browser comes across a script, it executes the script first before continuing to load HTML that includes the content users are looking for.

For a browser, executing JavaScript is a heavier task (depending on the size of the script) and takes more time as compared to rendering the meaningful content (the first paint) of the webpage.

Hence JavaScript affects the critical rendering path and slows down pagespeed of your website.

Why not defer this heavier task of JS execution so that the critical rendering path remains uninterrupted, right?

Pagespeed: is now a Ranking Factor

Site speed has already become a ranking signal.

About a decade ago, Google announced in an official blog post on the Google Webmaster Central Blog that site speed has become a ranking signal.

In another blog post published on the Official Webmaster Central Blog in 2018, they revealed that Google started using page speed as a ranking factor in mobile search ranking.

Since Google has declared pagespeed a factor in search result rankings for desktop and mobile, site speed optimization has become a significant aspect of technical SEO.

For the same reason, Google PageSpeed Insights Tool recommends deferred parsing of JavaScript as one of the solutions to remove render-blocking JavaScript in above-the-fold content.

User Experience: decides Your Site’s Success

How does JavaScript affect user experience (UX)?

We have already discussed that JavaScript(s) slow down the pagespeed by blocking the rendering of the first paint (the meaningful content). That leads to more loading time and a longer wait for users to see the content: a bad user experience, right?

Speed matters a lot. The truth is, users do not like slow-loading websites. In fact, studies show that users leave a slow-loading site early and move on.

On the contrary, you want your website audience to engage with your site and eventually turn into a customer, subscriber, or ad-viewer. In order to make that happen, you need to improve your pagespeed by deferring non-critical JavaScript(s).

Reasons to Defer Loading of JavaScript: Summing it up

As I mentioned above, whenever the parser (browser) encounters a script, it downloads and executes that script before parsing the rest of the HTML.

But the fact is, most of the JavaScript(s) only come into use once the complete web page has loaded, for example in some animation, effect, or functionality.

Therefore, it is a good idea to load JavaScript(s) only after the content has loaded.

This way, deferred loading of JavaScript does not affect the critical rendering path and consequently helps to speed up your website, which means a better user experience for your readers.

And by making your site load faster, you also improve your search ranking on desktop as well as mobile.

Now that you have an understanding of what defer parsing of JavaScript is and why you should defer loading of JavaScript(s), it is a good time to figure out which JavaScript(s) on your website are the culprits and need to be deferred.

If you already know which JavaScript(s) on your website are blocking the critical rendering path, you may skip the following section and jump to the implementation part. Otherwise, keep on reading…

How to Find Render-blocking JavaScript(s)

JavaScript(s) which block the rendering of meaningful content are called ‘Render Blocking JavaScript(s)’ and need to be deferred.

You can find render-blocking JavaScript(s) by analyzing your website using site speed testing tools.

There are several pagespeed testing tools available to analyze a website for site speed and loading time. I am sharing with you the most reliable and trusted tools for pagespeed testing.

Test your site using these tools and note the results of these tools so that you can compare the results before and after implementing defer parsing of JavaScript(s).

1. PageSpeed Insights by Google

PageSpeed Insights by Google

Google PageSpeed Insights (PSI) is an exclusive pagespeed testing tool by Google. Test your website using Google PSI Tool to find out render-blocking JavaScript(s). PageSpeed Insights Tool results give information about warnings and their solutions/fixes.

2. GTmetrix

GTmetrix – Speed and Performance Test Tool

This one (GTmetrix) is another good free tool to test site speed. You can test your site with GTmetrix to know which JavaScripts need to be deferred.

3. Pingdom Tools

Pingdom Tools for Website Speed Test

Solarwinds’ Pingdom Tools are also very popular when it comes to site speed testing tools. You can test your site using Pingdom Tools to check the number of JS requests on your site and how much they contribute to the total number of requests.
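The loading rules from the defer/async section, applied to the task of finding render-blocking scripts, as an added example that is not part of the original article: a Node.js scan that classifies every script tag in an HTML string. The function names and the sample HTML are constructed for illustration, and the regex-based scan is an assumption that suits static HTML audits, not a full HTML parser.

```javascript
// Added example: classify each <script> tag by how it interacts with HTML parsing.
// Regex-based scan for auditing static HTML; it is not a complete HTML parser.

const CLASSIC_TYPE = /^(?:text|application)\/(?:java|ecma)script$/i;

// Parse the attribute part of a start tag into a { name: value } map.
function parseAttributes(raw) {
  const attrs = {};
  const re = /([^\s"'=<>\/]+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+)))?/g;
  let m;
  while ((m = re.exec(raw)) !== null) {
    const name = m[1].toLowerCase();
    // The first occurrence of an attribute wins; boolean attributes get "".
    if (!(name in attrs)) attrs[name] = m[2] ?? m[3] ?? m[4] ?? "";
  }
  return attrs;
}

// Map a script tag's attributes to one of:
//   blocking - external classic script, parsing pauses for download and execution
//   defer    - downloaded in parallel, executed after HTML parsing completes
//   async    - downloaded in parallel, executed as soon as it arrives
//   inline   - classic script without src; defer/async have no effect on it
//   data     - non-JavaScript type (for example JSON-LD), never executed
function loadingMode(attrs) {
  const type = (attrs.type || "").trim();
  const isModule = type.toLowerCase() === "module";
  if (type !== "" && !isModule && !CLASSIC_TYPE.test(type)) return "data";
  if (isModule) return "async" in attrs ? "async" : "defer"; // modules defer by default
  if (!("src" in attrs)) return "inline";
  if ("async" in attrs) return "async"; // async takes precedence over defer
  if ("defer" in attrs) return "defer";
  return "blocking";
}

// Return one record per script tag, in document order.
function classifyScripts(html) {
  const text = html.replace(/<!--[\s\S]*?-->/g, ""); // ignore commented-out tags
  const headEnd = text.search(/<\/head\s*>/i);
  const re = /<script\b((?:"[^"]*"|'[^']*'|[^>"'])*)>([\s\S]*?)<\/script\s*>/gi;
  const found = [];
  let m;
  while ((m = re.exec(text)) !== null) {
    const attrs = parseAttributes(m[1]);
    found.push({
      src: attrs.src ?? null,
      mode: loadingMode(attrs),
      inHead: headEnd !== -1 && m.index < headEnd,
    });
  }
  return found;
}

// External scripts that still pause the parser: the candidates for defer/async.
function deferCandidates(html) {
  return classifyScripts(html)
    .filter((s) => s.mode === "blocking")
    .map((s) => s.src);
}

// Constructed sample page (not taken from any real site).
const SAMPLE_HTML = `<!doctype html>
<html><head>
<title>Constructed sample</title>
<script src="/js/analytics.js"></script>
<script defer src="/js/menu.js"></script>
<script async defer src='https://cdn.example/widget.js'></script>
<script type="module" src="/js/app.mjs"></script>
<script type="application/ld+json">{"@type":"WebPage"}</script>
<!-- <script src="/js/old.js"></script> -->
</head><body>
<p>Content</p>
<script defer>console.log("inline: defer is ignored without src");</script>
<script src=/js/slider.js></script>
</body></html>`;

console.log(deferCandidates(SAMPLE_HTML));
```

Run it against a saved copy of your own page and compare the list with what the speed-testing tools report.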

Now you know which JavaScript(s) are making your site slow and need to be deferred. So, let’s see how to fix this issue by deferring non-critical JavaScript (JS).

Test Results: Before Defer Parsing of JavaScript

I have tested a website before implementing defer parsing of JavaScript. Consider these a baseline and compare these results after deferred loading of JavaScripts.

Pagespeed Insights Result before Defer Parsing of JS
GTmetrix Result before Defer Parsing of JS

How to Defer Parsing of JavaScript [Step by step]

You need to use the following code to defer parsing of JavaScript. Insert this code in the HTML file just before the </body> tag. Read the instructions given below to use this script.

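<script type="text/javascript">
// Create the script element only after the page's load event has fired.
function parseJSAtOnload() {
    var element = document.createElement("script");
    element.src = "script_to_be_deferred.js";
    // Attach the element to the document so the browser fetches and runs it.
    document.body.appendChild(element);
}
// Register the handler with whichever event API the browser supports.
if (window.addEventListener)
    window.addEventListener("load", parseJSAtOnload, false);
else if (window.attachEvent)
    window.attachEvent("onload", parseJSAtOnload);
else window.onload = parseJSAtOnload;
</script>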

Instructions for Defer Parsing JavaScript using the script

Don’t forget to take a complete backup before making any changes in the code. If something goes wrong, you can use that backup to go back.

  1. Copy the code and paste it in the HTML file just before the </body> tag (near the bottom of the HTML file).
  2. Replace script_to_be_deferred.js with the link of the JavaScript that is to be deferred. You can copy the links of the JavaScript(s) that the Google PageSpeed tool suggests deferring from the Google PageSpeed Insights results for your website.
  3. Save changes. And you are done.
  4. Finally, test your website again to see the effect.

Code to Defer Multiple JavaScripts in One-go

If you want to defer multiple scripts in one go, you can use the same script with a little modification. In the following code, replace defer1.js, defer2.js, defer3.js, etc. with the links of the scripts that you want to defer.

<script type="text/javascript">
// After the load event, add one script element per deferred file.
function parseJSAtOnload() {
    var links = ["defer1.js", "defer2.js", "defer3.js"],
        headElement = document.getElementsByTagName("head")[0],
        linkElement, i;
    for (i = 0; i < links.length; i++) {
        linkElement = document.createElement("script");
        linkElement.src = links[i];
        // Attach each element to <head> so the browser fetches and runs it.
        headElement.appendChild(linkElement);
    }
}
// Register the handler with whichever event API the browser supports.
if (window.addEventListener)
    window.addEventListener("load", parseJSAtOnload, false);
else if (window.attachEvent)
    window.attachEvent("onload", parseJSAtOnload);
else window.onload = parseJSAtOnload;
</script>

How to Defer Parsing of JavaScript in WordPress

You can defer parsing of JavaScript in WordPress by the following methods:

  1. Using WordPress Plugins (with a plugin) – suitable for all plugin lovers.
  2. Adding a Code Snippet to functions.php file – suitable for those who are used to playing with code and editing files in WordPress. – without plugin method #1
  3. Using the Script mentioned above – suitable for geeks who don’t want to use a plugin. – without plugin method #2

1. Defer Parsing of JavaScript using WordPress Plugin

There are several WordPress plugins available to defer parsing of JavaScript in WordPress. I am listing the best plugins that stand out in the crowd because of their performance and reliability.

Obviously, the process of installing and activating any of the following plugins remains the same.

If you’re not sure about the process of installing a WordPress plugin, you can refer to this beginner’s guide to learn different methods of installing a plugin in WordPress.

#1.1 Async JavaScript Plugin

If you want a standalone plugin to defer parsing of JavaScript, Async JavaScript should be your pick.

This tiny plugin offers all necessary settings to tweak deferred loading of JS in WordPress.


Steps to defer parsing of javascript in WordPress using a plugin:

  1. Navigate to WordPress Dashboard > Plugins > Add New.
  2. Search Async JavaScript Plugin in the plugin repository.
  3. Install and activate Async JavaScript Plugin.
  4. Head-over to WordPress Dashboard > Settings > Async JavaScript.
  5. Go to Settings tab of Async JavaScript Plugin.
  6. Check the box against ‘Enable Async JavaScript’ option and save changes to start deferring Javascript in WordPress.
  7. There are other options, as listed below; you can tweak the relevant option as per your need.
  • enable async js for logged-in user
  • on cart/check out pages
  • quick settings
  • async javascript method
  • jQuery
  • scripts to Async
  • scripts to Defer
  • script Exclusion
  • plugin exclusions
  • theme exclusion
Async Javascript Plugin – Defer JS WordPress

#1.2 Defer Parsing of JavaScript Setting in WP Rocket Plugin

WP Rocket is a power-pack of features when it comes to WordPress speed optimization.

You can easily defer loading of javascript using WP Rocket to speed up your site.

Steps involved to enable defer loading of JS using WP Rocket plugin:

  1. Install and activate WP Rocket plugin.
  2. Go to WP Dashboard > Settings > WP Rocket.
  3. Under File Optimization enable Load JavaScript deferred option and save changes.
  4. Now test your site to check results.
Load JavaScript deferred – WP Rocket


#1.3 Defer Parsing of JavaScript: W3 Total Cache

You can defer JavaScript loading in WordPress using W3 Total Cache plugin.

Steps to defer parsing of JavaScript using W3 Total Cache WordPress plugin:

  • Head-over to WordPress Dashboard > Plugins > Add New.
  • Search W3 Total Cache in the plugin repository.
  • Install and activate W3 Total Cache plugin.
  • Go over WP Dashboard > Performance (W3 Total Cache Settings) > Minify.
  • Scroll down to JS minify settings. You will see settings like shown in the image below.
  • Check/select options as shown in the image below. Click Save all settings and you are done.
  • Test your site using pagespeed test to see the results.
Defer JavaScript – W3 Total Cache

#1.4 Defer Loading of JavaScript in LiteSpeed Cache Plugin

LiteSpeed Cache is an amazing optimization plugin for LiteSpeed server hosting. But the general features of this plugin can be utilized on any server like LiteSpeed, Apache, NGINX, etc.

Steps to defer parsing of javascript in LiteSpeed Cache plugin:

  • Go to WP Dashboard > Plugins > Add New.
  • Search Litespeed Cache in the plugin repository.
  • Install and activate LiteSpeed Cache plugin.
  • Navigate to WP Dashboard > LiteSpeed Cache > Page Optimization > JS Settings.
  • Scroll down to Load JS Deferred, turn it ON, and save changes.
  • Now test your website using pagespeed tool to check the result.
Load JS Deferred – LiteSpeed Cache Plugin

#1.5 Defer Parsing of JavaScript using Swift Performance Plugin

Swift Performance plugin has become a well known name in the speed optimization category. Their free version is called ‘Swift Performance Lite’.

The process to delay loading of JS in WordPress using Swift Performance:

  • Head-over to WP Dashboard > Plugins > Add New.
  • Search Swift Performance Lite in the plugin repository.
  • Install and activate Swift Performance Lite.
  • Navigate to WP Dashboard > Tools > Swift Performance > Settings > Optimization > Scripts.
  • Enable the option called Merge Scripts. Once you enable it, other related options will appear.
  • Now add the scripts to be deferred under the option called Deferred Scripts and Save changes.
  • Finally, test your website using speed test tool to see the result.
Deferred Scripts setting – Swift Performance Plugin

#1.6 Defer Parsing of JavaScript in WordPress using Speed Booster Pack 

Speed Booster Pack also offers deferred loading of javascript out of the box. 

Step by step procedure to enable defer loading of js in Speed Booster Pack plugin:

  • Go to WordPress Dashboard > Plugins > Add New.
  • Search Speed Booster Pack in the plugin repository.
  • Install and activate Speed Booster Pack plugin.
  • Navigate to WP Dashboard > Speed Booster > Assets.
  • Scroll down to the option called Optimize JavaScript. Under this option choose Defer for deferred loading of JS.
  • Save changes and you’re done.
  • Now, test your site using pagespeed test tool to check the result.
Defer Javascript – Speed Booster Pack Plugin

#1.7 Defer Parsing of JavaScript: Autoptimize

Autoptimize is another good plugin to optimize WordPress speed. This plugin also offers the option to defer loading of JS in WordPress.

Step by step process to defer parsing javascript using Autoptimize:

  • Navigate to WordPress Dashboard > Plugins > Add New.
  • Search Autoptimize in WordPress plugin repository.
  • Install and activate Autoptimize plugin.
  • Go to Dashboard > Settings > Autoptimize > JS, CSS & HTML.
  • Under JavaScript Options enable Optimize JavaScript Code and,
  • Then enable Do not aggregate but defer option and save changes.
  • Now Empty Cache and test your site using speed test tool to see the result.
Defer Javascript Loading – Autoptimize

#1.8 WP Fastest Cache to Defer Parsing of JavaScript

You can eliminate render-blocking JavaScript resources using WP Fastest Cache plugin. But this feature is available with the premium version only.

2. Defer JavaScript Parsing in WordPress via functions.php file

Yes, you can defer parsing of JavaScript in WordPress by adding a code snippet to the functions.php file.

This is one of the methods that you can use to Defer Parsing of JavaScript in WordPress without using a plugin.

As I have mentioned above this method is suitable for people who are comfortable with code editing in WordPress.

You might be thinking, but why?

First of all, functions.php is an important theme file. That means you might easily end up breaking your site if anything goes wrong while editing the functions.php file.

Also, there are different versions of the code snippet on the web to fix defer parsing of JavaScript in WordPress via functions file. Unfortunately, not all the code snippets work fine.

So you should be careful while using a code snippet to defer loading of JavaScript.

How to Edit functions.php File Safely

I always recommend using a child theme in WordPress in order to avoid code editing mess.

While editing the code, if you miss even a single comma (,), semicolon (;) or any other symbol/syntax, your website will break completely or partially, and you will have to make extra effort to recover the site.

If you’re not using a child theme, learn how to use a child theme in WordPress and its benefits.

For any reason, if you don’t want to implement a child theme now, you can use this plugin to add code to functions.php file of your theme without editing the original file.

Step by step process to Defer Parsing JavaScript in WordPress via functions.php

Take a complete backup before making any changes to the code.

I assume that you’re using a child theme. If you’re not, first create and activate a child theme to avoid any trouble caused by theme file editing.

  1. Go to your WordPress Dashboard > Appearance > Theme Editor
  2. Select/open functions.php file (of child theme) from theme files.
  3. Paste the code snippet given below at the end of functions.php file.
  4. You can specify JS files to exclude from defer in the array (‘jquery.js’).
  5. Finally, click Update File to save changes. That’s all.

The code snippet is to be pasted in functions.php file.

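// Defer Parsing of JavaScript in WordPress via functions.php file
// Learn more at 

function defer_parsing_js($url) {
    // Add the files to exclude from defer. Add jquery.js by default
    $exclude_files = array('jquery.js');
    // Bypass JS defer for logged in users
    if (!is_user_logged_in()) {
        // Leave URLs that do not contain '.js' untouched
        if (false === strpos($url, '.js')) {
            return $url;
        }

        foreach ($exclude_files as $file) {
            if (strpos($url, $file)) {
                return $url;
            }
        }
    } else {
        return $url;
    }
    // The quote in this string closes a single-quoted src attribute and appends defer='defer'
    return "$url' defer='defer";
}

// clean_url is the filter esc_url() applies, so this callback sees every escaped URL, not only script sources
add_filter('clean_url', 'defer_parsing_js', 11, 1);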

The above code snippet is using defer attribute to defer parsing of JavaScripts. You can replace the defer attribute with async attribute to parse JavaScript asynchronously. You can read more about async attribute and other methods to fix render-blocking JavaScript.

3. Defer Parsing of JavaScript without WordPress Plugin – Script Method

The script method explained above can be used in WordPress to defer loading of JavaScript. In WordPress, the above-mentioned code can be placed in the HTML file just before the </body> tag using the hook content option.

Most of the popular WordPress themes come with a hook content provision. If you are not using the hook content option, or it is not available in your theme, you can either use a WordPress plugin to add the script to the WordPress footer before the </body> tag or place the script in the footer file just before the </body> tag manually.

Facing any difficulty adding the script in WordPress footer? Check out our detailed guide, to learn how to add code in WordPress header and footer easily.

Steps to defer load javascript in WordPress without using a plugin:

  1. Copy the code and paste that before the </body> tag (using a plugin or built-in theme hook) .
  2. Now replace script_to_be_deferred.js with the JavaScript to be deferred.
  3. Save changes and you’re done.
  4. Clear the cache, if there is any.
  5. Test your website again to see the result.

Test Results: After Defer Parsing of JavaScript

The following are the test results after defer loading of JavaScript.

PageSpeed Insights Result after fixing Defer Parsing of JavaScript
GTmetrix result after implementing Defer Parsing of JavaScript

Wrapping it up

Other than defer parsing of JavaScript, you can also use async attribute or inline JavaScript to remove render-blocking JavaScript. I have covered async attribute or inline JavaScript in another blog post, read that article here. In that article, I have also mentioned a few useful WordPress plugins to defer parsing JavaScript.

Although WordPress plugins are available to defer parsing of JavaScript, the above-explained script method is considered more appropriate by several experts and webmasters. But the people who use WordPress know that using a WordPress plugin is like bliss.

I hope this guide will help you to defer parsing of JavaScript. Let me know which technique you use to defer parsing of JavaScript. If you are facing any problem implementing the above methods or have a question, let me know via the comment section. I will be happy to answer.


NSv Virtual Firewall: Tested and Certified in AWS Public Cloud

Looking for the best way to extend your firewall protection to the cloud? Independent testing recently found that SonicWall NSv series is more than up to the challenge.

More than 90% of enterprises use the cloud in some way, with 69% of those considered hybrid cloud users (utilizing both private and public clouds). Along with widespread remote work adoption, this shift is driving the need for scaled-out, distributed infrastructure.

Within this new cloud landscape, security has become more complex as the number of perimeters and integrations grow, and cybercriminals increasingly focus on security gaps and vulnerabilities in cloud implementations. It’s often easier for threat actors to exploit these vulnerabilities than it is to breach hardened components of the cloud deployment.

A next-generation firewall deployed in the cloud can protect critical data stored in the cloud. But it’s important to make sure this firewall provides the same level of security and performance as an on-premises firewall.

Recently, Tolly Group used Keysight Technologies’ brand-new native cloud testing solution — CyPerf — to measure the performance of SonicWall NSv 470 virtual firewall in Amazon Web Services (AWS). AWS is the major public cloud vendor, with a projected 49% market share in enterprise cloud adoption for 2022. AWS recommends a shared responsibility model, meaning AWS is responsible for the security of the cloud, and the customer is responsible for security in the cloud.

What is SonicWall NSv virtual firewall?

SonicWall’s NSv Series virtual firewalls provide all the security advantages of a physical firewall, plus all the operational and economic benefits of the cloud — including system scalability and agility, speed of system provisioning, simple management and cost reduction. NSv delivers full-featured security tools including VPN, IPS, application control and URL filtering. These capabilities shield all critical components of the private/public cloud environments from resource misuse attacks, cross-virtual-machine attacks, side-channel attacks, and common network-based exploits and threats.

What is Keysight Technologies CyPerf?

Keysight CyPerf is the industry’s first cloud-native software solution that recreates every aspect of a realistic workload across a variety of physical and cloud environments. CyPerf deployed across a variety of heterogeneous cloud environments realistically models dynamic application traffic, user behavior and threat vectors at scale. It validates hybrid cloud networks, security devices and services for more confident rollouts.

Putting SonicWall NSv to the Test

Keysight Technologies and Tolly Group engineers tested a SonicWall NSv 470 virtual firewall running SonicOSX version 7. The AWS instance for the NSv 470 under test was AWS C5.2xlarge. The engineers deployed CyPerf agents on AWS C5.n2xlarge instances to be certain that the agents would have sufficient resources to stress the firewall under test. Each of two agent instances was provisioned with 8 vCPUs, 21GB memory and 25GbE network interfaces.

Test methodology and results

The engineers used three different traffic profiles to collect results — unencrypted HTTP traffic, encrypted (HTTPS/TLS) traffic, and Tolly’s productivity traffic mix, which includes five applications: JIRA, Office 365, Skype, AWS S3 and Salesforce. Engineers used CyPerf application mix tests to create the Tolly productivity mix and generate stateful, simulated application traffic.

The tests were run against three different security profiles:

1) Firewall: Basic firewall functions with no policy set

2) IPS: Firewall with the intrusion prevention system feature enabled

3) Threat Prevention: Firewall with IPS, antivirus, anti-spyware and application control features enabled

The results observed in the AWS public cloud environment are similar to the results observed in a virtual environment.

| Test | Unencrypted HTTP Traffic | Encrypted HTTPS/TLS Traffic |
|---|---|---|
| Firewall Throughput | 7.70 Gbps | 3.10 Gbps |
| IPS Throughput | 7.60 Gbps | 3.05 Gbps |
| Threat Prevention | 7.40 Gbps | 3.04 Gbps |

Table 1: Test measurements for NSv 470 in AWS Cloud

Note: The table above highlights just a few of the test results. For complete results and test parameters, please download the report.


Most enterprises are moving their datacenters away from traditional on-premises deployments and to the cloud. It is imperative that security teams provide the same level of security for cloud server instances as they have been doing for on-premises physical servers. A next-generation firewall with advanced security services like IPS and application control is the first step to securing cloud instances against cyber threats.

In addition to security features, it is also important to choose a firewall that provides the right level of performance needed for a given cloud workload. SonicWall NSv series offers a variety of models with performance levels suited to any size of cloud deployment, with all the necessary security features enabled. To learn more about how SonicWall NSv Series excels in AWS environments, click here.

First Malware Targeting AWS Lambda Serverless Platform Discovered

A first-of-its-kind malware targeting Amazon Web Services’ (AWS) Lambda serverless computing platform has been discovered in the wild.

Dubbed “Denonia” after the name of the domain it communicates with, “the malware uses newer address resolution techniques for command and control traffic to evade typical detection measures and virtual network access controls,” Cado Labs researcher Matt Muir said.

The artifact analyzed by the cybersecurity company was uploaded to the VirusTotal database on February 25, 2022, sporting the name “python” and packaged as a 64-bit ELF executable.

However, the filename is a misnomer, as Denonia is programmed in Go and harbors a customized variant of the XMRig cryptocurrency mining software. That said, the mode of initial access is unknown, although it’s suspected it may have involved the compromise of AWS Access and Secret Keys.

Another notable feature of the malware is its use of DNS over HTTPS (DoH) for communicating with its command-and-control server (“gw.denonia[.]xyz”) by concealing the traffic within encrypted DNS queries.

In a statement shared with The Hacker News, Amazon stressed that “Lambda is secure by default, and AWS continues to operate as designed,” and that users violating its acceptable use policy (AUP) will be prohibited from using its services.

While Denonia has been clearly designed to target AWS Lambda since it checks for Lambda environment variables prior to its execution, Cado Labs also found that it can be run outside of it in a standard Linux server environment.

“The software described by the researcher does not exploit any weakness in Lambda or any other AWS service,” Amazon said. “Since the software relies entirely on fraudulently obtained account credentials, it is a distortion of facts to even refer to it as malware because it lacks the ability to gain unauthorized access to any system by itself.”

However, “python” isn’t the only sample of Denonia unearthed so far, what with Cado Labs finding a second sample (named “bc50541af8fe6239f0faa7c57a44d119.virus”) that was uploaded to VirusTotal on January 3, 2022.

“Although this first sample is fairly innocuous in that it only runs crypto-mining software, it demonstrates how attackers are using advanced cloud-specific knowledge to exploit complex cloud infrastructure, and is indicative of potential future, more nefarious attacks,” Muir said.
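Because DNS over HTTPS, as described for Denonia above, hides lookups from DNS query logs, defenders have to look for it at the egress layer instead. The following added example (not code from the article or from Cado Labs) scans constructed egress-proxy records for DoH indicators; the record schema, source names and allowlist are assumptions, while the resolver hostnames are well-known public DoH services.

```python
import json

# Well-known public DoH resolver hostnames; extend for your environment.
DOH_HOSTS = {"dns.google", "cloudflare-dns.com", "mozilla.cloudflare-dns.com", "dns.quad9.net"}
# RFC 8484 media type plus the JSON variant some resolvers accept.
DOH_MEDIA_TYPES = {"application/dns-message", "application/dns-json"}

# Constructed egress-proxy records (hypothetical schema: src, host, path, content_type).
SAMPLE_LOG = [
    '{"src": "thumbnailer", "host": "s3.amazonaws.com", "path": "/bucket/img.png"}',
    '{"src": "report-export", "host": "cloudflare-dns.com", "path": "/dns-query?dns=CONSTRUCTED", "content_type": "application/dns-message"}',
    '{"src": "report-export", "host": "dns.google"}',
    '{"src": "batch-job", "host": "resolver.example.net", "path": "/dns-query", "content_type": "application/dns-message; charset=binary"}',
    '{"src": "edge-resolver", "host": "dns.quad9.net", "path": "/dns-query"}',
    'not-json garbage line',
]

def doh_indicators(rec):
    """Return the reasons a single egress record looks like DNS over HTTPS."""
    reasons = set()
    host = (rec.get("host") or "").lower().rstrip(".")
    if host in DOH_HOSTS:
        reasons.add("known-doh-resolver")   # visible even with SNI-only logging
    media = (rec.get("content_type") or "").split(";")[0].strip().lower()
    if media in DOH_MEDIA_TYPES:
        reasons.add("doh-media-type")       # needs HTTP-level visibility
    if (rec.get("path") or "").split("?")[0] == "/dns-query":
        reasons.add("doh-path")             # path used in RFC 8484 examples
    return reasons

def find_doh_egress(lines, allowed_sources=frozenset()):
    """Map each non-allowlisted source to the DoH indicators seen for it."""
    findings = {}
    for line in lines:
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue                        # skip malformed records
        if not isinstance(rec, dict):
            continue
        reasons = doh_indicators(rec)
        src = rec.get("src", "unknown")
        if reasons and src not in allowed_sources:
            findings.setdefault(src, set()).update(reasons)
    return findings

if __name__ == "__main__":
    for src, reasons in find_doh_egress(SAMPLE_LOG, {"edge-resolver"}).items():
        print(src, sorted(reasons))
```

The self-hosted resolver case (`resolver.example.net`) is caught only by the media type and path, which is why a hostname list alone is not sufficient when HTTP-level visibility is available.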
