3 Vulnerability Management Challenges for SAP Applications (and How to Overcome Them)
Blog Published: 06/23/2022
This blog was originally published by Onapsis here.Written by Maaya Alagappan, Social Media and Content Strategist, Onapsis.Business-critical applications have never been more vulnerable. The increasing complexity and size of application environments, customization of individual apps, and growing...
Supply Chain Attack: CTX Account Takeover and PHPass Hijack Explained
Blog Published: 06/23/2022
This blog was originally published by Orca Security on June 13, 2022. Written by Lidor Ben Shitrit, Orca Security. When discussing supply chain attacks, it is important to remember that they rely on a trusted third-party vendor who offers essential services or software to the supply chain. If a p...
The War On Data: Three Defense Mechanisms Your Business Needs To Adopt
Blog Published: 06/22/2022
This blog was originally posted to the Forbes Technology Council and Nasuni.Written by Andres Rodriguez, Nasuni. We have entered an unusual new age of security. The Colonial Pipeline incident, which cut off a major source of fuel for the Eastern United States, was a reminder that bad actors are o...
Answers to Common Questions About the Applicability of the PCI DSS to Service Providers
Blog Published: 06/22/2022
This blog was originally published by Weaver here. Written by Kyle Morris, Senior Manager, Weaver. How does the Payment Card Industry (PCI) Data Security Standard (DSS) apply to service providers? Service providers are entities that are directly involved in the storing, processing, or transmittin...
New Survey from Cloud Security Alliance and Google Finds Cloud Adoption Improves Risk Management and Mitigation
Press Release Published: 06/22/2022
Study provides a deeper understanding of public cloud adoption and risk management practices within the enterpriseSEATTLE – June 22, 2022 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secu...
How to Prepare for a Salesforce Permissions Audit
Blog Published: 06/22/2022
This blog was originally published by Varonis here. Written by Mike Mason, Varonis. Salesforce holds a wealth of customer data — and Salesforce audits are becoming a priority for organizations that want to ensure that information is kept secure and within the guardrails of privacy law.Audits are ...
Cloud Security Risk Often Lingers - Why That Should Alarm You!
Blog Published: 06/21/2022
Written by Tim Sedlack, Sr. Director, Product Management, BeyondTrust. I think you’d agree that, today, “The Cloud” is ubiquitous. If surveys are to be believed, most of us are using more than one cloud service provider (CSP) to achieve our goals of speed of service, simplicity, and (generally) c...
Best Practices for Effective Cloud Data Security
Blog Published: 06/21/2022
This blog was originally published by Laminar here. Written by Andy Smith, Laminar. Digital transformation and the shift to the cloud have accelerated in the past couple of years due to COVID-19 and the remote, work-from-home business model. Gartner projects that companies will spend nearly $400 ...
Why is MFA Important to Your Cloud Account
Blog Published: 06/21/2022
This blog was originally published by Sysdig here. Written by David Gonzalez, Sysdig. Recently, we have been facing a recurring problem related to cloud security – breaches based on credentials leak or breakage. Users tend to log into their accounts using a single factor system, such as a user ...
Achieving Zero Trust? One Size Does Not Fit All
Blog Published: 06/20/2022
This blog was originally published by Lookout here.Written by Hank Schless, Senior Manager, Security Solutions, Lookout.How mobile and cloud technologies enable us to be reliableMore than a year of near-universal remote work has proven that many of us can reliably stay productive from anywhere — ...
How a Strong Identity Protection Strategy Can Accelerate Your Cyber Insurance Initiatives
Blog Published: 06/20/2022
This blog was originally published by CrowdStrike here. Written by Narendran Vaideeswaran, CrowdStrike. The growth in frequency and severity of cyberattacks has caused organizations to rethink their security strategies. Major recent security threats, such as high-profile ransomware attacks and th...
What is Disaster Recovery as a Service? | 10 Benefits to DRaaS
Blog Published: 06/18/2022
Written by the Security as a Service Working Group.PurposeBacking up, or making an extra copy of data in case of accidental deletion or corruption is often a standalone service. Disaster Recovery as a Service (DRaaS) is a cloud computing service model that allows organizations to back up data and...
What is the Cloud Security Alliance and Why Should I (as Someone Selling or Buying Cloud Services) Care?
Blog Published: 06/17/2022
This blog was originally published by Pivot Point Security here.If you’re not involved in cloud services you’re probably frozen in ice somewhere. With SaaS penetration nearing 100% of businesses, what is the state of cloud security?To talk about the biggest issues and answers in cloud security to...
How to Secure Kubernetes Pods Post-PSPs Deprecation
Blog Published: 06/17/2022
This blog was originally published by ARMO here. Written by Amir Kaushansky, VP Product, ARMO. Kubernetes pods are the basic building blocks of Kubernetes. It's managing one or more tightly coupled application containers allowing them to share resources and networks. Pods are hosted on nodes, whi...
Pros and Cons of a C5 Examination
Blog Published: 06/16/2022
This blog was originally published by Schellman here. Written by Kristen Wilbur, Schellman. When Daenerys Targaryen made the decision to march north with Jon Snow in HBO’s Game of Thrones, she weighed the pros and the cons. The pros? Possibly saving the world. The cons? Dying in a mass ice zombie...
Why Cloud Native Requires a Holistic Approach to Security and Observability
Blog Published: 06/16/2022
This blog was originally published by Tigera here. Written by Laura Ferguson, Tigera. Like any great technology, the interest in and adoption of Kubernetes (an excellent way to orchestrate your workloads, by the way) took off as cloud native and containerization grew in popularity. With that came...
Computer Network Operations During the Russian Invasion of Ukraine
Blog Published: 06/15/2022
This blog was originally published by VGS on May 12, 2022. Written by Kenneth Geers, PhD, Information Security Analyst at VGS. Information is life. Therefore, when nations go to war, information operations – including data theft, denial, and manipulation – are one of the keys to victory. Even in ...
Threat Activity Cluster #3: Strawberry
Blog Published: 06/15/2022
This blog was originally published by Alert Logic here. Written by Josh Davies and Gareth Protheroe, Alert Logic. The next flavor from the Alert Logic data set in the activity clustering series is Strawberry. Before diving into this activity cluster, be sure to read the series introduction ...
The 3 Biggest Challenges Faced by Today's SOCs & One Smart Solution
Blog Published: 06/14/2022
This blog was originally published by LogicHub here. Written by Kumar Saurabh, CEO and Co-founder, LogicHub. As a security operations professional, you've put in your fair share of late nights. You know what it's like to wake up to a deluge of alerts and the need to assess the situation — fast. Y...
Runtime Protection: The Secret Weapon for Stopping Breaches in the Cloud
Blog Published: 06/14/2022
This blog was originally published by CrowdStrike here. Written by David Puzas, CrowdStrike. Mistakes are easy to make, but in the world of cloud computing, they aren’t always easy to find and remediate without help. Cloud misconfigurations are frequently cited as the most common causes of breach...
