
All Articles

How to Prepare for a Salesforce Permissions Audit

Blog Published: 06/22/2022

This blog was originally published by Varonis here. Written by Mike Mason, Varonis. Salesforce holds a wealth of customer data — and Salesforce audits are becoming a priority for organizations that want to ensure that information is kept secure and within the guardrails of privacy law. Audits are ...

Cloud Security Risk Often Lingers - Why That Should Alarm You!

Blog Published: 06/21/2022

Written by Tim Sedlack, Sr. Director, Product Management, BeyondTrust. I think you’d agree that, today, “The Cloud” is ubiquitous. If surveys are to be believed, most of us are using more than one cloud service provider (CSP) to achieve our goals of speed of service, simplicity, and (generally) c...

Best Practices for Effective Cloud Data Security

Blog Published: 06/21/2022

This blog was originally published by Laminar here. Written by Andy Smith, Laminar. Digital transformation and the shift to the cloud have accelerated in the past couple of years due to COVID-19 and the remote, work-from-home business model. Gartner projects that companies will spend nearly $400 ...

Why is MFA Important to Your Cloud Account

Blog Published: 06/21/2022

This blog was originally published by Sysdig here. Written by David Gonzalez, Sysdig. Recently, we have been facing a recurring problem related to cloud security – breaches based on credentials leak or breakage. Users tend to log into their accounts using a single factor system, such as a user ...

Achieving Zero Trust? One Size Does Not Fit All

Blog Published: 06/20/2022

This blog was originally published by Lookout here. Written by Hank Schless, Senior Manager, Security Solutions, Lookout. How mobile and cloud technologies enable us to be reliable: More than a year of near-universal remote work has proven that many of us can reliably stay productive from anywhere — ...

How a Strong Identity Protection Strategy Can Accelerate Your Cyber Insurance Initiatives

Blog Published: 06/20/2022

This blog was originally published by CrowdStrike here. Written by Narendran Vaideeswaran, CrowdStrike. The growth in frequency and severity of cyberattacks has caused organizations to rethink their security strategies. Major recent security threats, such as high-profile ransomware attacks and th...

What is Disaster Recovery as a Service? | 10 Benefits to DRaaS

Blog Published: 06/18/2022

Written by the Security as a Service Working Group. Purpose: Backing up, or making an extra copy of data in case of accidental deletion or corruption, is often a standalone service. Disaster Recovery as a Service (DRaaS) is a cloud computing service model that allows organizations to back up data and...

What is the Cloud Security Alliance and Why Should I (as Someone Selling or Buying Cloud Services) Care?

Blog Published: 06/17/2022

This blog was originally published by Pivot Point Security here. If you’re not involved in cloud services you’re probably frozen in ice somewhere. With SaaS penetration nearing 100% of businesses, what is the state of cloud security? To talk about the biggest issues and answers in cloud security to...

How to Secure Kubernetes Pods Post-PSPs Deprecation

Blog Published: 06/17/2022

This blog was originally published by ARMO here. Written by Amir Kaushansky, VP Product, ARMO. Kubernetes pods are the basic building blocks of Kubernetes. It's managing one or more tightly coupled application containers allowing them to share resources and networks. Pods are hosted on nodes, whi...

Pros and Cons of a C5 Examination

Blog Published: 06/16/2022

This blog was originally published by Schellman here. Written by Kristen Wilbur, Schellman. When Daenerys Targaryen made the decision to march north with Jon Snow in HBO’s Game of Thrones, she weighed the pros and the cons. The pros? Possibly saving the world. The cons? Dying in a mass ice zombie...

Why Cloud Native Requires a Holistic Approach to Security and Observability

Blog Published: 06/16/2022

This blog was originally published by Tigera here. Written by Laura Ferguson, Tigera. Like any great technology, the interest in and adoption of Kubernetes (an excellent way to orchestrate your workloads, by the way) took off as cloud native and containerization grew in popularity. With that came...

Computer Network Operations During the Russian Invasion of Ukraine

Blog Published: 06/15/2022

This blog was originally published by VGS on May 12, 2022. Written by Kenneth Geers, PhD, Information Security Analyst at VGS. Information is life. Therefore, when nations go to war, information operations – including data theft, denial, and manipulation – are one of the keys to victory. Even in ...

Threat Activity Cluster #3: Strawberry

Blog Published: 06/15/2022

This blog was originally published by Alert Logic here. Written by Josh Davies and Gareth Protheroe, Alert Logic. The next flavor from the Alert Logic data set in the activity clustering series is Strawberry. Before diving into this activity cluster, be sure to read the series introduction ...

The 3 Biggest Challenges Faced by Today's SOCs & One Smart Solution

Blog Published: 06/14/2022

This blog was originally published by LogicHub here. Written by Kumar Saurabh, CEO and Co-founder, LogicHub. As a security operations professional, you've put in your fair share of late nights. You know what it's like to wake up to a deluge of alerts and the need to assess the situation — fast. Y...

Runtime Protection: The Secret Weapon for Stopping Breaches in the Cloud

Blog Published: 06/14/2022

This blog was originally published by CrowdStrike here. Written by David Puzas, CrowdStrike. Mistakes are easy to make, but in the world of cloud computing, they aren’t always easy to find and remediate without help. Cloud misconfigurations are frequently cited as the most common causes of breach...

What is CEO Fraud Phishing?

Blog Published: 06/14/2022

This blog was originally published by TokenEx here. Written by Anni Burchfiel, Content Marketing Specialist, TokenEx. As companies bolster their security infrastructure and increase budgets to deflect growing cyber-attacks, hackers are attacking the weakest link: human error. Social engineering cyb...

Predictive Analytics and Machine Learning in Cybersecurity: an Untapped Opportunity for ‘Negative’ Response Time

Blog Published: 06/13/2022

This blog was originally published by CXO REvolutionaries here. Written by Brad Moldenhauer, CISO - Americas, Zscaler. The chief information security officer (CISO) is measured by his or her ability to reduce risk, control cost, and minimize friction among employees, data, and the business at lar...

Far, Wide, and Worrisome: Third-Party Blind Spots Bring Risk

Blog Published: 06/13/2022

This blog was originally published by OneTrust here. Whether it’s legal, procurement, human resources, security — every business unit within an organization is optimizing a network of vendors, also known as third parties. Those vendors, while specializing in specific functions that boost speed an...

Vulnerable AWS Lambda Function – Initial Access in Cloud Attacks

Blog Published: 06/10/2022

This blog was originally published by Sysdig here. Written by Stefano Chierici, Sysdig. Our security research team prepared to explain a real attack scenario from the black box and white box perspective on how a vulnerable AWS Lambda function could be used by attackers as initial access into your...

Why You Need Application Security Testing for Business-Critical Applications: Part 2

Blog Published: 06/10/2022

This blog was originally published by Onapsis here. In this blog series, we discuss the importance of building secure business-critical applications with application security testing. In part one, we shared that while speed is the driving force behind application development, on-time application d...
