Category: Cloud Security

July 25, 2024

Open source containerization platform Docker has urged users to patch a critical vulnerability affecting certain versions of the Docker Engine that allows privilege escalation using specially crafted API requests. Tagged as CVE-2024-41110, the vulnerability was first discovered in 2018 and […]

July 18, 2024

A Cloud-Native Application Protection Platform (CNAPP) is a unified security solution that protects applications and data in cloud environments. It integrates various security tools and practices to offer comprehensive protection, ensuring that cloud-native applications remain secure throughout their lifecycle. CNAPPs […]

July 9, 2024

A few weeks ago, my wife asked me why stopping threat actors from impacting our lives is so difficult. In this digital age, the necessity to connect online brings inherent exposure to vulnerabilities. The challenge for you as a security […]

July 9, 2024

With new leadership, key acquisitions, and a platform-based vision, Cisco is betting big on security. Cisco’s dominance in networking and telecommunications products and services is well established, but its role in cybersecurity is less cemented. It has provided security software […]

June 26, 2024

Thales research comes at a time when cloud security is under heightened scrutiny. Leading cloud providers, such as Microsoft and others, have been targeted by sophisticated threat groups targeting companies, government agencies and other organizations that store data in the […]

June 25, 2024

Cybersecurity provider Orca has added new source code posture management capabilities to its cloud security offering by adding support for popular source code management (SCM) platforms. The new capabilities are designed to round out Orca’s cloud security offering by adding […]

June 20, 2024

Businesses’ use of numerous cloud services coupled with rapid software development and delivery practices is creating an explosion in potential attack surfaces — including myriad APIs, applications and data across multiple locations. Attackers are taking advantage, with eight out of […]

June 17, 2024

Cloud security strikes fear into the heart of CISOs and risk practitioners alike. For years there were alarmist warnings “the cloud is just someone else’s computer”, “once it’s in the cloud it’s no longer yours”, “you don’t know where your […]

June 13, 2024

More and more, we’re seeing businesses shift operations to the cloud. While the pandemic accelerated migration rates as companies sought to better support remote workers, the cloud had been gaining popularity for years thanks to its agility, scalability, and cost-efficiency […]

June 12, 2024

I’ve always called for independent backups of everything. Whether it’s in your data center, an IaaS vendor like AWS, or a SaaS vendor like Microsoft 365, it needs independent backup. However, some people believe we should trust the cloud vendors […]

June 11, 2024

As businesses increasingly migrate to the cloud, chief information security officers (CISOs) face numerous critical challenges in ensuring robust cloud security. Don’t believe me? Experts highlighted this at the recent Gartner Security & Risk Management Summit. Gartner projects a significant […]

June 10, 2024

Fortinet has reached an agreement to buy cloud security company Lacework for an undisclosed amount. Founded in 2015, Lacework is known for its cloud-based machine learning, AI and automation technology that lets customers manage and secure cloud workflows. Its security […]

June 5, 2024

The cloud will become a cornerstone of enterprise operations as IDC estimates that by 2025, there will be over 750 million cloud-native applications globally. Additionally, over 90% of organizations anticipate employing a multi-cloud approach over the next few years. Considering […]

June 4, 2024

Tenable Research has reported a vulnerability in Microsoft Azure service tags that “allows an attacker to bypass firewall rules … by forging requests from trusted services.” “The vulnerability was discovered initially in the Azure Application Insights service, but we and […]

May 28, 2024

The latest software library compromise of an obscure but popular file compression algorithm called XZ Utils shows how critical these third-party components can be in keeping enterprises safe and secure. As CSO reported last month, a hacker was able to […]

May 22, 2024

Today’s enterprises need more help managing and securing their distributed networking environments than they ever have, Cisco concludes in its Global Networking Trends Report. The research, released this week, analyzes the networking challenges, IT and business priorities, architectural maturity, and […]

May 20, 2024

I once transitioned from a SaaS CTO role to become a business unit CIO at a Fortune 100 enterprise that aimed to bring startup development processes, technology, and culture into the organization. The executives recognized the importance of developing customer-facing […]

May 17, 2024

Distributed denial of service (DDoS) attacks have been part of the criminal toolbox for over twenty years, and they’re only growing more prevalent and stronger. What is a DDoS attack? A distributed denial of service (DDoS) attack is when an […]

May 15, 2024

IBM and Palo Alto Networks announced a wide-reaching partnership to mix and match security technology between the vendors. The marriage includes the sale of Big Blue’s QRadar security intelligence platform to Palo Alto. IBM and Palo Alto aim to help […]

May 14, 2024

A ransomware-as-a-service operation known as Black Basta has grown to be one of the most prolific cybercrime threats over the past two years, managing to compromise over 500 organizations from around the world. Many of its victims have been healthcare […]