Threat Activity Cluster #4: Strawberry with Sprinkles
Blog Published: 07/05/2022
This blog was originally published by Alert Logic here. Written by Josh Davies and Gareth Protheroe, Alert Logic. In the next edition of our ice cream activity cluster blog series, we’re shining the spotlight on another historic actor that undertook a significant remodeling of their tactics, ...
CCSK Success Stories: From a CISO and Chief Privacy Officer
Blog Published: 07/01/2022
This is part of a blog series interviewing cybersecurity professionals who have earned their Certificate of Cloud Security Knowledge (CCSK). In these blogs we invite individuals to share some of the challenges they face in managing security for cloud computing and how they were able to leverage k...
What is the CSA Cloud Controls Matrix and Why Should Everyone on the Cloud Care?
Blog Published: 07/01/2022
This blog was originally published by Pivot Point Security here. If you’re not on the cloud you must be very afraid of heights. With nearly 100% of businesses now using cloud services, how are cloud service providers (CSPs) proving to customers and other stakeholders that they are secure?To talk ...
Five Steps to a Secure Cloud Architecture
Blog Published: 06/30/2022
This blog was originally published by Fugue here. By Josh Stella, Chief Architect, Snyk, Co-Founder, Fugue. Cloud computing cyberattacks don’t play out like the scenes from Hollywood thrillers. No one is slowly lowering Tom Cruise into a preselected target’s secure data center equipped with ult...
Zero Trust Creator John Kindervag Joins Cloud Security Alliance as Security Advisor
Press Release Published: 06/30/2022
Renowned cybersecurity expert brings more than 25 years of experience to Zero Trust Advancement CenterSEATTLE – June 30, 2022 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud comp...
Definitive Guide to Kubernetes Admission Controller
Blog Published: 06/30/2022
This blog was originally published by ARMO here. Written by Leonid Sandler, CTO & Co-founder, ARMO.What is Kubernetes Admission Controller?Kubernetes Admission Controller is an advanced plugin for gating and governing the configuration changes and workload deployment in a cluster. Admission C...
Understanding Compliance Platform Capabilities: Black Box Automation Has its Limitations
Blog Published: 06/29/2022
This blog was originally published by Coalfire here.Written by Dixon Wright, VP of Product Management, Coalfire.Compliance is hard. It is not a “black box” of opaque inputs and outputs, where systems and data are hidden and where users are oblivious to their inner workings. There has yet to be a ...
How to Protect Your Crypto from Hackers
Blog Published: 06/29/2022
This blog was originally published by TokenEx here.Written by Valerie Hare, Content Marketing Specialist, TokenEx.A McAfee report, "The Hidden Costs of Cybercrime," states that over $4 billion in cryptocurrency was stolen and nearly $1.4 billion was stolen in the first five months of 2020. While ...
What We Get Wrong About Ransomware
Blog Published: 06/29/2022
This blog was originally published by Forbes and Nasuni. Written by Andres Rodriguez, founder and CTO of Nasuni. We live in the age of ransomware. This persistent threat remains top of mind for CEOs, their boards, CIOs, CISOs and everyone in the line of fire in IT. Yet we still get so much wrong ...
SynLapse – Technical Details for Critical Azure Synapse Vulnerability
Blog Published: 06/28/2022
This blog was originally published by Orca Security on June 14, 2022. Written by Tzah Pahima, Orca Security. One attack vector closed, additional hardening is recommended This blog describes the technical details of SynLapse, in continuation to our previous blog. We waited to publish until now in...
Enabling Pervasive Zero Trust
Blog Published: 06/28/2022
This blog was originally published by CrowdStrike on March 9, 2022. Written by George Kurtz, CrowdStrike. The security problems that plague organizations today actually haven’t changed much in 30 years. Weak and shared passwords, misconfigurations and vulnerabilities are problems that have tormen...
Cloud Security Alliance, Cyber Risk Institute Partner to Create Cloud Controls Matrix (CCM) Addendum for the Financial Sector
Press Release Published: 06/28/2022
Strategic collaboration addresses sector-specific requirements within CCM frameworkSEATTLE – June 28, 2022 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment,...
CSA and the Cyber Risk Institute: CCM Addendum for the Financial Sector
Blog Published: 06/28/2022
The CSA Cloud Controls Matrix (CCM) is 11 years old. Almost a teenager! Over time it has evolved and matured and has been a fundamental piece of the cloud journey for several thousands of organizations worldwide. Virtually any organization willing to implement cloud computing in a secure way has...
Securing Your Cloud Transformation Journey with Smart Cybersecurity Investments
Blog Published: 06/27/2022
Written by Syam Thommandru, VP, Global Alliances and Product Management, Cybersecurity & GRC Services, HCL Technologies and Vinay Anand, VP, Prisma Cloud, Palo Alto Networks. There is no denying that cloud is the new norm. As a critical enabler of business during the pandemic, more businesses...
What a More Holistic Approach to Cloud-Native Security and Observability Looks Like
Blog Published: 06/27/2022
This blog was originally published by Tigera here. Written by Laura Ferguson, Tigera. The rise of cloud native and containerization, along with the automation of the CI/CD pipeline, introduced fundamental changes to existing application development, deployment, and security paradigms. Because clo...
Organizations Strengthen Their Cybersecurity Defense Against Ransomware and Cyber Attacks
Blog Published: 06/27/2022
This blog was originally published by A-LIGN here. Written by Patrick Sullivan, VP of Customer Success, A-LIGN. To date, 2021 was the most disruptive year with regards to cyberattacks — and it’s looking like 2022 could be even more challenging for organizations who are still working to implement ...
#1 Threat to Cloud Computing: Insufficient Identity, Credential, Access, and Key Management
Blog Published: 06/25/2022
Written by the CSA Top Threats Working Group.The CSA Top Threats to Cloud Computing Pandemic Eleven report aims to raise awareness of threats, vulnerabilities, and risks in the cloud. The latest report highlights the Pandemic Eleven top threats, in which the pandemic and the complexity of workloa...
Four Reasons for Alert Fatigue and How to Make It Stop
Blog Published: 06/24/2022
This blog was originally published by LogicHub here. Written by Ryan Thomas, VP of Product Management, LogicHub. Alert (or alarm) fatigue is the phenomenon of becoming desensitized (and thus ignoring or failing to respond appropriately) to signals meant to warn us about emergencies.IT security...
What to Look for in a CNAPP Solution
Blog Published: 06/24/2022
Written by Aqua Security. As large-scale cloud native deployments become more prevalent, enterprises are trying to bring greater efficiency and speed to cloud native security. To do this, they’re moving to shift security left, implementing intelligent automation, cloud security posture management...
Security as a Differentiator: How to Market the Secure Customer Experience
Blog Published: 06/23/2022
This blog was originally published by Coalfire here.Written by Nathan DeMuth, Vice President, Cloud Services, Coalfire.Leveraging software development lifecycle security as a go-to-market differentiator is imperative in setting companies apart from competitors. As Coalfire’s Cloud Advisory Board ...
