All Articles

All Articles
The "Ronald Reagan" Attack Allows Hackers to Bypass Gmail's Anti-phishing Security

Blog Published: 04/02/2018

By Yoav Nathaniel, ‎Customer Success Manager, Avanan We started tracking a new method hackers use to bypass Gmail's SPF check for spear-phishing. The hackers send from an external server, the user sees an internal user (For example, your CEO) and Gmail's SPF-check, designed to indicate the valid...

AWS Cloud: Proactive Security and Forensic Readiness – Part 3

Blog Published: 03/27/2018

Part 3: Data protection in AWS By Neha Thethi, Information Security Analyst, BH Consulting This is the third in a five-part blog series that provides a checklist for proactive security and forensic readiness in the AWS cloud environment. This post relates to protecting data within AWS. Data pro...

34 Cloud Security Terms You Should Know

Blog Published: 03/23/2018

By Dylan Press, Director of Marketing, Avanan We hope you use this as a reference not only for yourself but for your team and in training your organization. Print this out and pin it outside your cubicle. How can you properly research a cloud security solution if you don't understand what you a...

CCSK obtains course mapping approval under IMDA’s CITREP+ Programme

Press Release Published: 03/21/2018

Singaporeans can now receive subsidies for CCSK training SINGAPORE – March 21, 2018 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, is pleased to announce ...

Are Healthcare Breaches Down Because of CASBs?

Blog Published: 03/19/2018

By Salim Hafid, Product Marketing Manager, Bitglass Bitglass just released its fourth annual Healthcare Breach Report, which dives into healthcare breaches over 2017 and compares the rate of breach over previous years. A big surprise this year was the precipitous drop in the volume of breaches a...

You Are the Weakest Link – Goodbye

Blog Published: 03/14/2018

By Jacob Serpa, Product Marketing Manager, Bitglass Security in the cloud is a top concern for the modern enterprise. Fortunately, provided that organizations do their due diligence when evaluating security tools, storing data in the cloud can be even more secure than storing data on premises. H...

AWS Cloud: Proactive Security and Forensic Readiness – Part 2

Blog Published: 03/13/2018

By Neha Thethi, Information Security Analyst, BH Consulting Part 2: Infrastructure-level protection in AWS  This is the second in a five-part blog series that provides a checklist for proactive security and forensic readiness in the AWS cloud environment. This post relates to protecting your virt...

Securing the Internet of Things: Devices & Networks

Blog Published: 03/12/2018

By Ranjeet Khanna, Director of Product Management–IoT/Embedded Security, Entrust Datacard The Internet of Things (IoT) is changing manufacturing for the better. With data from billions of connected devices and trillions of sensors, supply chain and device manufacturing operators are taking advant...

Zero-Day in the Cloud – Say It Ain't So

Blog Published: 03/09/2018

By Steve Armstrong, Regional Sales Director, Bitglass Zero-day vulnerabilities are computer or software security gaps that are unknown to the public – particularly to parties who would like to close said gaps, like the vendors of vulnerable software. To many in the infosec community, the term "...

Co-chair Needed for the Quantum-Safe Security Working Group

Article Published: 03/08/2018

The Cloud Security Alliance's Quantum-Safe Security Working Group is seeking a new co-chair to lead the working groups initiatives on cryptographic methods that will remain safe after the widespread availability of the quantum computer. These volunteer positions will have a one-year term commit...

Saturday Security Spotlight: Tesla, FedEx, & the White House

Blog Published: 03/08/2018

By Jacob Serpa, Product Marketing Manager, Bitglass Here are the top cybersecurity stories of recent weeks: —Tesla hacked and used to mine cryptocurrency —FedEx exposes customer data in AWS misconfiguration —White House releases cybersecurity report —SEC categorizes knowledge of unannounced bre...

FedRAMP - Three Stages of Vulnerability Scanning and their Pitfalls

Blog Published: 03/07/2018

By Matt Wilgus, Practice Leader, Threat & Vulnerability Assessments, Schellman & Co. Though vulnerability scanning is only one of the control requirements in FedRAMP, it is actually one of the most frequent pitfalls in terms of impact to an authorization to operate (ATO), as FedRAMP requ...

Securing the Internet of Things: Connected Cars

Blog Published: 03/05/2018

By Ranjeet Khanna, Director of Product Management–IoT/Embedded Security, Entrust Datacard Establishing safety and security in automotive design goes far beyond crash test dummies. By 2022, the global automotive Internet of Things (IoT) market is expected to skyrocket to $82.79 billion – and man...

CASBs and Education's Flight to the Cloud

Blog Published: 03/01/2018

By Jacob Serpa, Product Marketing Manager, Bitglass Cloud is becoming an integral part of modern organizations seeking productivity and flexibility. For higher education, cloud enables online course creation, dynamic collaboration on research documents, and more. As many cloud services like G Su...

Saturday Security Spotlight: Malware, AWS, and US Defense

Blog Published: 02/26/2018

By Jacob Serpa, Product Marketing Manager, Bitglass Here are the top cybersecurity stories of recent weeks: —AndroRAT malware spies on Android users —Smart TVs easily hackable —BuckHacker tool finds unsecured data in AWS buckets —Octoly breach exposes social media stars' personal data —Russian ...

Unmanaged Device Controls, External Sharing, and Other Real CASB Use Cases

Blog Published: 02/23/2018

By Salim Hafid, Product Marketing Manager, Bitglass Many in the security industry have heard about CASBs  (cloud access security brokers) as the go-to solutions for data and threat protection in the cloud. But where exactly do CASBs slot in? If you already have a NGFW (next-gen firewall)...

A Home for CASB

Blog Published: 02/21/2018

By Kyle Watson, Partner, Information Security, Cedrus Over the past 18 months, I’ve been working on CASB in some form or another including: —Educational architectural and technical videos —Request for Proposal (RFP) assistance —Pre-sales presentations and demos —Proof of Concepts (POCs) —Implem...

Malware P.I. – Odds Are You're Infected

Blog Published: 02/19/2018

By Jacob Serpa, Product Marketing Manager, Bitglass In Bitglass' latest report, Malware P.I., the Next-Gen CASB company uncovered startling information about the rate of malware infection amongst organizations. Additionally, experiments with a new piece of zero-day malware yielded shocking resul...

Agentless Mobile Security: No More Tradeoffs

Blog Published: 02/15/2018

By Kevin Lee, Systems QA Engineer, Bitglass Have you ever seen a "Pick two out of three” diagram? They present three concepts and force individuals to select the one that they see as the least important. The tradeoffs between convenience, privacy, and security serve as a perfect example ...

Cloud Security Alliance Releases New Report Examining Ways in Which Blockchain Technology Can Facilitate, Improve IoT Security

Press Release Published: 02/13/2018

Report offers high-level overview, use-case examples of blockchain for IoT security SEATTLE, WA – Feb. 13, 2018 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment,...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.