Industry Insights
Read the latest cloud security news, trends, and thought leadership from subject matter experts.
Have You Budgeted for the Next Heartbleed?
By Gavin Hill, Director/Product Marketing and Threat Intelligence, Venafi Last month the Heartbleed vulnerability took the world by storm. IT groups across the globe scrambled to patch systems that were susceptible to the OpenSSL vulnerability known as Heartbleed. Y2K—the millennium bug—has been...
SOC in 5 Simple Steps
By Ryan Dean, Senior AssociateBrightLineAs an audit firm, we are frequently contacted by service organizations that know they need a SOC report (usually by way of a client request), but don’t know where to begin. With that in mind, I have broken down the process of obtaining a SOC report into fiv...
CLOUD SECURITY INNOVATORS – Q+A WITH GEORGE DO, CISO, EQUINIX
April 30, 2014 By Brandon Cook, director of product marketing (@BCookshow) Skyhigh Networks We are incredibly excited to feature a Q+A session with George Do, CISO of Equinix, as the first in our new monthly Skyhigh Networks Cloud Security Innovators blog series. Every month we will inter...
Heartbleed Changed the Security Landscape, but Few Organizations Realize It
With the media no longer focusing on the Heartbleed vulnerability, most people think that organizations have adequately addressed the problem, and the threat has passed. Because most people don’t understand the full impact of Heartbleed, however, they don’t realize that the fallout from this one ...
.jpg)
Heartbleed Remediation: Replace ALL Keys and Certificates
By Kevin Bocek, VP, Security Strategy & Threat Intelligence, Venafi. Response is not complete until trust is re-establishedBy now most organizations have responded to the Heartbleed vulnerability by patching vulnerable systems. Good. The next step must be to replace ALL keys and certificates. Suc...
Exception Sprawl
By Krishna Narayanaswamy, Chief Scientist at NetskopeWe released the Netskope Cloud Report today. One of the key findings of the report is that 90 percent of cloud app usage is in apps blocked by perimeter technology.How can this be the case? Are all the firewalls broken?That usage is the excepti...
The World is Failing to Remediate the Heartbleed Vulnerability
By Kevin Bocek, VP, Security Strategy & Threat Intelligence, Venafi. Time is running out to change keys and certificates or else…The world appears to be failing to respond to the Heartbleed vulnerability. In fact well under 16% of vulnerable keys and certificates have been replaced. Experts Bruce...
Responding to New SSL Cybersecurity Threats—Gartner Featured Research
By Gavin Hill, Director, Product Marketing and Threat Intelligence, VenafiWhen it comes to defending against advanced threats that take advantage of keys and certificates, most organizations have a gaping hole in their security strategy. Cyber criminals on the other hand know all too well how lit...
Remediating Heartbleed with Next-Generation Trust Protection
By Gavin Hill, Director, Product Marketing and Threat Intelligence, Venafi. Heartbleed ImpactThe Heartbleed vulnerability unequivocally demonstrates the impact a single vulnerability has on all organizations when keys and certificates are exposed. Cyber-criminals have unfettered access to the key...
Dropbox joins the Cloud Security Alliance
Here at Dropbox, keeping your stuff safe isn’t just part of our mission; it’s our top priority. As part of that, we’ve been engaging with the Cloud Security Alliance (CSA), a not-for-profit organization that promotes and provides education around cloud security best practices. Today, we’re excite...
Don’t Be Blinded by the Next Heartbleed
Organizations—from service providers, banks, and retailers to government agencies—were recently blindsided by the Heartbleed bug, a critical vulnerability in the OpenSSL cryptographic software library, which underlies trust for secure transactions worldwide. Attackers wasted no time exploiting th...
ALMOST 90% OF CLOUD PROVIDERS STILL HAVEN’T UPDATED CERTIFICATES 1 WEEK AFTER HEARTBLEED
By Harold Byun, Senior director, Product Management, Skyhigh Networks http://blog.skyhighnetworks.com/almost-90-of-cloud-providers-still-havent-updated-certificates-1-week-after-heartbleed/#sthash.FD2ttd1o.dpuf hundreds of cloud providers were vulnerable to the Heartbleed bug in OpenSSL e...
The Tie Between Cloud App Enterprise-Readiness Score and Heartbleed Remediation: 7 Steps You Need to Take Now
Krishna Narayanaswamy, Netskope Chief ScientistThe Heartbleed Bug is a serious vulnerability for websites around the world. Many enterprise cloud and SaaS apps were also impacted. While most app vendors have remediated their systems, some remain vulnerable.Netskope researchers have been scanning ...
The Heartbleed Bug: Learn How It Operates
By Zulfikar Ramzan, CTO, ElasticaThe entire internet security community was up in arms on Monday as a devastating new bug, Heartbleed was discovered in OpenSSL, the most widely deployed cryptographic function on the web. Google’s security team discovered the malicious bug. Since then OpenSSL has ...
HOW CHICKEN EYES TAUGHT US TO DETECT CLOUD SECURITY BREACHES
By Sekhar Sarukkai, SkyHigh Networks A fascinating scientific discoveryThere was a fascinating discovery last month on a new state of matter never before seen in biology in, of all places, the eyes of chicken – a state of “disordered hyperuniformity”. This arrangement of particles in the chicken’...
FTC Recognizes Value of Trust Established by SSL and Digital Certificates
By KEVIN BOCEK, VP, SECURITY STRATEGY & THREAT INTELLIGENCE, VENAFIAttacks on digital certificates and trusted connections drive FTC to actionRecognizing that the trust established by Secure Sockets Layer (SSL) and digital certificates plays an important role in everyday life, the US Federal Trad...
Mad Max Here We Come: Heartbleed shows how much we blindly trust keys and certificates (and take them for granted)
KEVIN BOCEK, VP, SECURITY STRATEGY & THREAT INTELLIGENCE, VENAFI The race is on to respond and remediate by replacing keys and certificates in use with millions of applications because patching won't help. The world runs on the trust established by digital certificates and cryptographic keys. E...
24 HOURS AFTER HEARTBLEED, 368 CLOUD PROVIDERS STILL VULNERABLE
By Harold Byun, Skyhigh NetworksOver the past weeks, security teams across country have been grappling with end of life for Windows XP, which is still running on 3 out of 10 computers. That issue has been completely overshadowed with news of the Heartbleed vulnerability in OpenSSL, which is used ...
Cloud Policy? I’ll Take a Sharp Stick in the Eye, Please!
By Jamie Barnett, VP Marketing, NetskopeWe were struck by a survey we conducted with RSA Conference attendees in February when we learned that even though more than 60% of respondents didn’t have or didn’t know if they had a cloud app policy, 70% cared enough to think about their organization’s p...
DON’T LET THE END OF SUPPORT FOR WINDOWS XP PUT YOUR CORPORATE DATA AT RISK
By Harold Byun, Skyhigh Networks April 8 = Y2K all over again?I may be dating myself a little bit here by writing this, but at the turn of the century, the impending arrival of the year 2000 led to multi-year coding projects, systems upgrades, and a massive testing effort to ensure Y2K compliancy...
Browse by Topic
Write for the CSA blog
Submit your blog proposalSign up to receive CSA's latest blogs
This list receives 1-2 emails a month.