
All Articles
Definitive Guide to Kubernetes Admission Controller

Blog Published: 06/30/2022

This blog was originally published by ARMO here. Written by Leonid Sandler, CTO & Co-founder, ARMO. What is Kubernetes Admission Controller? Kubernetes Admission Controller is an advanced plugin for gating and governing the configuration changes and workload deployment in a cluster. Admission C...

Understanding Compliance Platform Capabilities: Black Box Automation Has its Limitations

Blog Published: 06/29/2022

This blog was originally published by Coalfire here. Written by Dixon Wright, VP of Product Management, Coalfire. Compliance is hard. It is not a “black box” of opaque inputs and outputs, where systems and data are hidden and where users are oblivious to their inner workings. There has yet to be a ...

How to Protect Your Crypto from Hackers

Blog Published: 06/29/2022

This blog was originally published by TokenEx here. Written by Valerie Hare, Content Marketing Specialist, TokenEx. A McAfee report, "The Hidden Costs of Cybercrime," states that over $4 billion in cryptocurrency was stolen and nearly $1.4 billion was stolen in the first five months of 2020. While ...

What We Get Wrong About Ransomware

Blog Published: 06/29/2022

This blog was originally published by Forbes and Nasuni. Written by Andres Rodriguez, founder and CTO of Nasuni. We live in the age of ransomware. This persistent threat remains top of mind for CEOs, their boards, CIOs, CISOs and everyone in the line of fire in IT. Yet we still get so much wrong ...

SynLapse – Technical Details for Critical Azure Synapse Vulnerability

Blog Published: 06/28/2022

This blog was originally published by Orca Security on June 14, 2022. Written by Tzah Pahima, Orca Security. One attack vector closed, additional hardening is recommended. This blog describes the technical details of SynLapse, in continuation to our previous blog. We waited to publish until now in...

Enabling Pervasive Zero Trust

Blog Published: 06/28/2022

This blog was originally published by CrowdStrike on March 9, 2022. Written by George Kurtz, CrowdStrike. The security problems that plague organizations today actually haven’t changed much in 30 years. Weak and shared passwords, misconfigurations and vulnerabilities are problems that have tormen...

Cloud Security Alliance, Cyber Risk Institute Partner to Create Cloud Controls Matrix (CCM) Addendum for the Financial Sector

Press Release Published: 06/28/2022

Strategic collaboration addresses sector-specific requirements within CCM framework. SEATTLE – June 28, 2022 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment,...

CSA and the Cyber Risk Institute: CCM Addendum for the Financial Sector

Blog Published: 06/28/2022

The CSA Cloud Controls Matrix (CCM) is 11 years old. Almost a teenager! Over time it has evolved and matured and has been a fundamental piece of the cloud journey for several thousands of organizations worldwide. Virtually any organization willing to implement cloud computing in a secure way has...

Securing Your Cloud Transformation Journey with Smart Cybersecurity Investments

Blog Published: 06/27/2022

Written by Syam Thommandru, VP, Global Alliances and Product Management, Cybersecurity & GRC Services, HCL Technologies and Vinay Anand, VP, Prisma Cloud, Palo Alto Networks. There is no denying that cloud is the new norm. As a critical enabler of business during the pandemic, more businesses...

What a More Holistic Approach to Cloud-Native Security and Observability Looks Like

Blog Published: 06/27/2022

This blog was originally published by Tigera here. Written by Laura Ferguson, Tigera. The rise of cloud native and containerization, along with the automation of the CI/CD pipeline, introduced fundamental changes to existing application development, deployment, and security paradigms. Because clo...

Organizations Strengthen Their Cybersecurity Defense Against Ransomware and Cyber Attacks

Blog Published: 06/27/2022

This blog was originally published by A-LIGN here. Written by Patrick Sullivan, VP of Customer Success, A-LIGN. To date, 2021 was the most disruptive year with regards to cyberattacks — and it’s looking like 2022 could be even more challenging for organizations who are still working to implement ...

#1 Threat to Cloud Computing: Insufficient Identity, Credential, Access, and Key Management

Blog Published: 06/25/2022

Written by the CSA Top Threats Working Group. The CSA Top Threats to Cloud Computing Pandemic Eleven report aims to raise awareness of threats, vulnerabilities, and risks in the cloud. The latest report highlights the Pandemic Eleven top threats, in which the pandemic and the complexity of workloa...

Four Reasons for Alert Fatigue and How to Make It Stop

Blog Published: 06/24/2022

This blog was originally published by LogicHub here. Written by Ryan Thomas, VP of Product Management, LogicHub. Alert (or alarm) fatigue is the phenomenon of becoming desensitized (and thus ignoring or failing to respond appropriately) to signals meant to warn us about emergencies. IT security...

What to Look for in a CNAPP Solution

Blog Published: 06/24/2022

Written by Aqua Security. As large-scale cloud native deployments become more prevalent, enterprises are trying to bring greater efficiency and speed to cloud native security. To do this, they’re moving to shift security left, implementing intelligent automation, cloud security posture management...

Security as a Differentiator: How to Market the Secure Customer Experience

Blog Published: 06/23/2022

This blog was originally published by Coalfire here. Written by Nathan DeMuth, Vice President, Cloud Services, Coalfire. Leveraging software development lifecycle security as a go-to-market differentiator is imperative in setting companies apart from competitors. As Coalfire’s Cloud Advisory Board ...

3 Vulnerability Management Challenges for SAP Applications (and How to Overcome Them)

Blog Published: 06/23/2022

This blog was originally published by Onapsis here. Written by Maaya Alagappan, Social Media and Content Strategist, Onapsis. Business-critical applications have never been more vulnerable. The increasing complexity and size of application environments, customization of individual apps, and growing...

Supply Chain Attack: CTX Account Takeover and PHPass Hijack Explained

Blog Published: 06/23/2022

This blog was originally published by Orca Security on June 13, 2022. Written by Lidor Ben Shitrit, Orca Security. When discussing supply chain attacks, it is important to remember that they rely on a trusted third-party vendor who offers essential services or software to the supply chain. If a p...

The War On Data: Three Defense Mechanisms Your Business Needs To Adopt

Blog Published: 06/22/2022

This blog was originally posted to the Forbes Technology Council and Nasuni. Written by Andres Rodriguez, Nasuni. We have entered an unusual new age of security. The Colonial Pipeline incident, which cut off a major source of fuel for the Eastern United States, was a reminder that bad actors are o...

Answers to Common Questions About the Applicability of the PCI DSS to Service Providers

Blog Published: 06/22/2022

This blog was originally published by Weaver here. Written by Kyle Morris, Senior Manager, Weaver. How does the Payment Card Industry (PCI) Data Security Standard (DSS) apply to service providers? Service providers are entities that are directly involved in the storing, processing, or transmittin...

New Survey from Cloud Security Alliance and Google Finds Cloud Adoption Improves Risk Management and Mitigation

Press Release Published: 06/22/2022

Study provides a deeper understanding of public cloud adoption and risk management practices within the enterprise. SEATTLE – June 22, 2022 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secu...
