""Given the significant savings to be had from using open source
applications, Sun's strategy is a security testing at all stages in
the customization process," said Richard Kirk, Fortify European
""It's also good to see Sun announcing its support for the new
security guidance from the Cloud Security Alliance, since this
means that its open source apps will support the best practice
guidelines, which is essential when supporting a private cloud
infrastructure," he added.
"According to Kirk, whilst the use of encryption and VPNs to
extend a secure bridge between a company IT resource and a private
cloud facility is very positive - especially now that Amazon is
best testing its pay-as-you-go private cloud facility - it's
important that the underlying application code is also secure."