Healthcare organizations still seem to think that blocking all access to unapproved cloud storage or cloud collaboration tools means that they’re preventing leakage of sensitive information. But as the old saying goes, “Data flows like water.” Eventually, it’s going to find the holes and escape. Even if a healthcare IT system has water-tight data controls, that’s not the only goal within the organization—and not even the most important one.

HSM stands for hardware security module. HSMs are hardware devices. They can be quite small and plugged into the main board of a computer, or they sit side by side in a server rack. They store sensitive data such as private keys. HSMs do not allow you to read that sensitive data back; instead, they expose only cryptographic operations like signing of certificates or encrypting data. This provides stronger protections for storing private keys compared to disks or databases.

Every once in a while, an industry term will get overused by marketing to the point of becoming a cliche. I think “Zero Trust” may have reached this threshold. In some ways, I understand why this is happening. Security perimeters have become obsolete as people use mobile devices and cloud applications to work from anywhere.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the U.S. Federal Bureau of Investigation (FBI) have recently published a joint advisory providing details on the top 30 vulnerabilities routinely exploited by malicious cyber actors in 2020 and those widely exploited in 2021 so far.

This summer, I was fortunate enough to get an internship at Teleport. Being part of the co-op program at the University of Waterloo, I have worked at many different companies before, and this internship will be my fourth placement as I finish my first term of the third year. The project that I was assigned to was an interesting one.

Best practices for securing an AWS environment have been well-documented and generally accepted, such as AWS’s guidance. However, organizations may still find it challenging on how to begin applying this guidance to their specific environments. In this blog series, we’ll analyze anonymized data from Netskope customers that include security settings of 650,000 entities from 1,143 AWS accounts across several hundred organizations.

As organizations move their infrastructure to the cloud, payment data are being exposed unknowingly leading to high profile data breaches. Find out how the new guidance from PCI Security Standards Council (PCI SSC) and Cloud Security Alliance (CSA) can help protect your cardholder data in the cloud.

Cybersecurity remains an ever-growing concern in our digitized, post-pandemic world. While rapid digitization opens doors to ample benefits and business opportunities, companies also have to deal with an uptick in cybercrimes, as criminals and other threat actors raise their game, making cyber attacks more frequent and complex than ever before. Consequently, businesses have suffered serious losses resulting from ransomware attacks, data breaches, and theft of trade secrets.

In this article I will show how to secure your Okta directory so it’s ready to grant access to servers and other highly sensitive resources. There are 4 levels of Okta directory system security maturity we will walk through how to implement.

Since its inception, Elastic Security has had a clear mission: to protect the world's data and systems from attack. We started with SIEM, built on top of the Elastic Stack, applying its fast and scalable search capabilities to detect security vulnerabilities across all threat vectors. Next, we joined forces with Endgame to integrate endpoint security into Elastic Security, and allow customers to prevent, detect, and respond to attacks from a single, unified platform.

August has been a great month for Teleport. Our Series B round of funding , led by Kleiner Perkins, plus the arrival of secure MongoDB access with Teleport 7.0 is cause enough for celebration. In addition, Teleport has been officially Certified™ by Great Place to Work ®. This prestigious certification is based entirely on feedback from current employees; this year, an incredible 100% of our team members told us we are a great place to work.

Given today’s evolving multi-cloud dynamics and increasingly active threat landscapes, security teams have a greater need for integrated and scalable monitoring that provides meaningful real-time insights into the state of organizational security posture. As organizations adopt cloud-first strategies, cybercriminals have taken note and continuously evolve their tactics to gain access to valuable cloud data.

AWS GDPR compliance, privacy and personal data protection are one of the most common concerns among cloud teams that run workloads in the AWS Cloud. When thinking about the different mechanisms to protect privacy and gain trust from the users who utilize our services, Compliance is one of the words that comes to mind.

The shift to remote and hybrid work at scale has created unprecedented demand for our cloud-delivered Zero Trust Network Access(ZTNA) solution, Netskope Private Access(NPA). This is no surprise.

Change is the only constant and this is especially apparent for the firewall space, as we’ve seen with branch office transformation and users continuing to work remotely. Secure Access Service Edge (SASE) architecture, when properly designed, puts the user in the center with cloud edge security services protecting them, their data, and the apps and websites they use every day, on either company or personal instances.

There is the marketing of secure access service edge (SASE), and then there is the actual integration of key capabilities that provide the benefits of less complexity, consolidation, and lower cost of operations a properly implemented SASE architecture provides.

Devo’s strong relationship with Amazon Web Services (AWS) recently expanded to include our participation in the AWS ISV Workload Migration Program. This is important to cloud developers, DevOps engineers, solution architects (particularly cloud SAs), and cybersecurity architects working at organizations ready to transition their data to the cloud.

This blog series expands upon a presentation given at DEF CON 29 on August 7, 2021. In Part 1 of this series, we provided an overview of OAuth 2.0 and two of its authorization flows, the authorization code grant and the device authorization grant. In Part 2 of this series, we described how a phishing attack could be carried out by exploiting the device authorization grant flow.

LockBit Ransomware(a.k.a. ABCD) is yet another ransomware group operating in the RaaS(Ransomware-as-a-Service) model, following the same architecture as other major threat groups, like REvil. This threat emerged in September 2019 and is still being improved by its creators. In June 2021, the LockBit group announced the release of LockBit 2.0, which included a new website hosted on the deep web, as well as a new feature to encrypt Windows domains using group policy.

We’re honored to share that, for the second consecutive year, Snyk has been named to the prestigious Forbes Cloud 100 List, coming in at #39! The full list, unveiled yesterday, is Forbes’ “definitive ranking of the best, brightest, and most valuable private companies in the cloud.” We’re up 47 spots from our ranking last year — a testament to our incredible team, growth, and maturation as a company in 2021 thus far. And it’s only August!

This blog series expands upon a presentation given at DEF CON 29 on August 7, 2021. Phishing attacks are starting to evolve from the old-school faking of login pages that harvest passwords to attacks that abuse widely-used identity systems such as Microsoft Azure Active Directory or Google Identity, both of which utilize the OAuth authorization protocol for granting permissions to third-party applications using your Microsoft or Google identity.

This blog series expands upon a presentation given at DEF CON 29 on August 7, 2021. In Part 1 of this series, we provided an overview of OAuth 2.0 and two of its authorization flows, the authorization code grant and the device authorization grant.

Teleport has been instrumental in helping our clients achieve difficult security and compliance requirements, and today we are proud to announce that our Cloud offering is now SOC2 Type II compliant. Last year our on-premises product was SOC2 Type II certified, and we published an overview on our blog helping explain what SOC2 is and why it has become table stakes for B2B SaaS companies.

Last year’s IDC’s Cloud Security Survey found that nearly 80 percent of companies polled have suffered at least one cloud data breach in the past 18 months.

Step 3: Know the flow of the data through the ecosystem—be the inspection point between the user and the data.

It seems as if everything is happening in the cloud now — whether I’m sharing a document with a colleague or backing up family photos. This is happening in cybersecurity as well, where the storage flexibility and computing power of the cloud have enabled new ways to secure organizations.

Determining the security posture for an increasing quantity of cloud accounts and services used by many organizations can feel overwhelming, but Tripwire Configuration Manager can help you find, fix, and even enforce settings for common security problems in cloud services. In this blog, we will show how the simple steps required to have Tripwire Configuration Manager automatically fix common configuration issues.

It’s no surprise that cloud adoption continues to be a major force impacting organizations today. A 2020 McKinsey survey indicated that many organizations saw several years worth of digital transformation take place in 2020. An IDG survey, which we referenced in our Securing Best of Breed SaaS Applications webinar, suggested that 95% of organizations expect to be partly or fully in the cloud by the end of 2021, with almost half the applications used by their workforce being SaaS or open source.

Zero Trust is not something you purchase. Zero Trust is a security strategy you build out using the working assumption that there are no safe network zones, no perimeters, no safe users, and no safe devices. The Spectra Alliance helps enable a Zero Trust model across the scope of six elements including applications, data, networks, infrastructure, identities, and devices.

More and more companies understand the benefits of cloud computing, which is making their migration to the cloud more rapid. Per IDG’s 2020 Cloud Computing Study, 81% of organizations said that they’ve migrated either one application or a portion of their infrastructure to the cloud. The reasons why a company would shift its services towards the cloud depend on its business priorities, of course.