Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
Context Counts: How to Use Transfer Learning and Model-Aided Labeling to Train Data Tailored Models
Published: 08/17/2022

Originally published by BigID here. Written by Itamar Zaltsman, BigID. Thanks to great advances and breakthroughs in the area of Natural Language Processing (NLP), we have access to a vast amount of ready to use Named Entity Recognition (NER) classifiers. These classifiers are available in many c...

Can Ransomware Infect Encrypted Files?
Published: 08/17/2022

Originally published by ShardSecure here. Written by Marc Blackmer, VP of Marketing, ShardSecure. By now, you likely know that ransomware has become a major concern for businesses and organizations across the globe. The European Union Agency for Cybersecurity (ENISA) noted a 150% rise in ransomwa...

Treating Healthcare’s Insider Threat
Published: 08/16/2022

Originally published by Authomize here. Written by Gabriel Avner, Authomize. There’s an old joke about why bank robbers rob banks. Because that’s where the money is. Given the valuable assets under their care, banks, fintech, insurance, and other financial institutions have understood that they h...

Google Workspace - Log Insights to Your Threat Hunt
Published: 08/16/2022

Originally published by Mitiga here. Written by Ariel Szarf and Lionel Saposnik, Mitiga. Google Workspace is a popular service for document collaboration for organizations and for individual users. Threat actors note that the popularity of this service has increased and search for ways to exp...

An Overview on the Modern, Cloud-Native SOC Platform
Published: 08/15/2022

Originally published by Panther here. Written by Mark Stone, Panther. For the modern security team, the concepts of Security Operations Center (SOC) and Security Information and Event Management (SIEM) are well known and have become increasingly crucial. To defend against the wide range of cyber ...

How to Secure and Protect Your Kubernetes Cluster?
Published: 08/15/2022

Originally published by ARMO here. Written by Rotem Refael, Director of Engineering, ARMO. Kubernetes is the de-facto container management platform of today and the future. It has increased the scalability and flexibility of applications and eliminated vendor lock-in. Kubernetes also brings a lot...

CCSK Success Stories: From the VP of Internal Security and IT
Published: 08/12/2022

This is part of a blog series interviewing cybersecurity professionals who have earned their Certificate of Cloud Security Knowledge (CCSK). In these blogs we invite individuals to share some of the challenges they face in managing security for cloud computing and how they were able to leverage k...

Who Performs a SOC 2 Audit? The Role of SOC 2 Auditors vs. Compliance Software
Published: 08/12/2022

Originally published by A-LIGN here. Written by Stephanie Oyler, Vice President of Attestation Services, A-LIGN. Data breaches and ransomware attacks continue to dominate the news cycle. To protect data, and position themselves favorably among prospects and customers, companies need to demonstrat...

The Mendacious Magic of Cloud Tiering
Published: 08/11/2022

Originally published by Nasuni here. Written by Andres Rodriguez, CTO & founder, Nasuni. In the words of the great Arthur C. Clarke, “Any sufficiently advanced technology is indistinguishable from magic.” This is a brilliant maxim, but it doesn’t mean that a solution which appears to be magical m...

Detecting and Mitigating NTLM Relay Attacks Targeting Microsoft Domain Controllers
Published: 08/11/2022

Originally published by CrowdStrike here. Written by Marina Simakov, CrowdStrike. Adversaries often exploit legacy protocols like Windows NTLM that unfortunately remain widely deployed despite known vulnerabilities. The PetitPotam vulnerability, combined with AD-CS relay, is one of the recent sev...

5 Tips for Managing Shadow IT
Published: 08/11/2022

Originally published by ThirdPartyTrust here. Written by Sabrina Pagnotta, ThirdPartyTrust. With remote work exacerbating the use of personal devices, home Wi-Fi networks, and cloud-based services, organizations increasingly face blind spots known as Shadow IT: unsanctioned hardware, services, an...

With Security Analytics, Quality Means More Than Quantity
Published: 08/10/2022

Written by Rohit Dhamankar, Vice President, Threat Intelligence, Alert Logic.In the cybersecurity market, detecting attacks early — hopefully, before a breach occurs, but certainly as early in the kill chain as possible — and neutralizing them before damage is done is critical.But success in toda...

If a Recession Comes, Cut Cyber Professionals at Your Peril
Published: 08/10/2022

Originally published by CXO REvolutionaries here. Written by David Cagigal, CIO, State of Wisconsin (former).I was working for a utility company in 2008 when a bubble burst in the housing market and caused the economy to collapse. We were all asked to tighten our belts. I knew then that I had to ...

What is a Merchant-Initiated Transaction, and Why is it Considered Low Risk?
Published: 08/09/2022

Originally published by TokenEx here.Written by Anni Burchfiel, Content Marketing Specialist, TokenEx.A merchant-initiated transaction is a payment initiated by the merchant instead of the cardholder. These transactions are initiated on behalf of the customer based on an agreement between the mer...

From the Front Lines | 8220 Gang Massively Expands Cloud Botnet to 30,000 Infected Hosts
Published: 08/09/2022

Originally published by SentinelOne here. Written by Tom Hegel, SentinelOne. Over the last month a crimeware group best known as 8220 Gang has expanded their botnet to roughly 30,000 hosts globally through the use of Linux and common cloud application vulnerabilities and poorly secured conf...

Cloud Data Security Requires 20/20 Vision
Published: 08/08/2022

Originally published by Laminar here. Written by Oran Avraham, Laminar. No reasonable business leader would ever dream about leaving their logistics software unmanaged or their sales departments to their own devices. Visibility into every aspect of a business—every crevice, no matter how large or...

Why You Need Application Security Testing for Business-Critical Applications: Part 4
Published: 08/08/2022

Originally published by Onapsis here. This blog series discusses the importance of building secure business-critical applications with application security testing. In the final blog in this series, we discuss how vulnerabilities in custom code and transports can lead to security and compliance i...

Are Ransomware Attackers Ever Caught?
Published: 08/05/2022

Originally published by ShardSecure here. The growing threat of ransomware Ransomware has become a major concern for individuals, small businesses, major corporations, and the public sector alike. With recent high-profile victims ranging from oil and gas pipelines to software companies, public he...

How To Build and Optimize Your Cybersecurity Program
Published: 08/05/2022

Originally published by Axonius here. Written by Ronald Eddings, Axonius. Digital transformation has been a shock to the system for security teams — the attack landscape is ever-evolving, and organizations are constantly using new tech. From a security perspective, it can be hard to keep up.When ...

The Call Is Coming from Inside the House: Novel Exploit in VOIP Appliance
Published: 08/04/2022

Originally published by CrowdStrike here. Written by Patrick Bennett, CrowdStrike. CrowdStrike Services recently performed an investigation that identified a compromised Mitel VOIP appliance as the threat actor’s entry point. The threat actor performed a novel remote code execution exploit on the...

Browse by Topic
Write for the CSA blog
Submit your blog proposal

Sign up to receive CSA's latest blogs

This list receives 1-2 emails a month.