We have built a Security Operations Center at Netskope in short order. Facing the vast expanse of the Security Operations ocean, I grabbed my board with my team and focused on doing a few things really well. We documented workflows, expanded our visibility, and tuned monitoring systems. We paddled out from shore, braving the shark-infested waters of the threat landscape.

For security teams, properly managing which users can access resources and governing the level of access those users have is about as basic as locking the door at night. Understandably then, there are thousands of options available to fine-tune or revoke access, and it’s likely that issues come up daily for most companies—if not hourly.

When cloud first emerged as a new operational model for IT, its low total cost of ownership (TCO) was a topline selling point. Yet today, when considering moving security into the cloud, many worry that it will drive up costs, or at the very least demand an upfront investment that will be hard to justify in the mid-term. The reality is that cloud-native Security Service Edge (SSE) capabilities deliver a strong return of investment (ROI) with a low TCO.

Cloud-native and open-source technologies are booming. But for a successful cloud expansion, IT decision-makers and developers need to be in agreement despite their unique roles in the process. As more enterprises transition to cloud-native environments, the big question is how aligned are IT decision-makers and developers?

Encryption has come a long, long way over the last few years. Something once reserved only for militaries and governments, encryption has been made super accessible and has become standard practice in the tech industry. Whether it’s texts, photos, or word docs - it can, and should, be encrypted. Put simply, encryption scrambles any file sent or stored online into unreadable nonsense that can only be translated (or decrypted) by a user with a key.

This blog is part of a series on how to provide identity-based access to AWS resources. In the first tutorial, we saw how to set up an identity-aware AWS bastion host using the OSS solution, Teleport. In this blog, we will expand the scenario to use a single-sign-on (SSO) authentication mechanism to issue certificates to specific groups of users to access AWS resources.

Cloud computing has emerged as the go-to organizational workload choice because of its innate scalability and flexibility. However, cloud computing still comes with some security risks. Examining cloud security is an important part of adopting this new technology. Presently, cloud-native security is experiencing changes and innovations that help address security threat vectors.

By 2023, over 500 million digital apps and services will be developed and deployed using cloud native approaches. To put that in perspective, more applications will be developed on the cloud in a four-year period (2019-2023) than the total number of apps produced in the past 40 years. Clearly, organizations are buying into the cloud. But the question is: Do they fully understand it? And do they know how to secure the applications they built within it?

In the business of security, linking performance metrics to strategy has become an accepted best practice. If strategy is the blueprint for building a security operations center (SOC), metrics are the raw materials. But there is a catch: a security organization can easily lose sight of its strategy and instead focus strictly on the metrics that are meant to represent it.

Every organization has tons of sensitive information stored in the cloud. The unanticipated surge in remote work resulted in an increase in the amount of information stored in the cloud. According to TechJury, 67% of enterprise infrastructure is cloud-based. However, with organizations allowing employees to use both business and personal devices at work, the attack surface has expanded, increasing opportunities for threat actors to target vulnerable devices.

As developers, we need maximum visibility of what’s actually running in our cloud environments, in order to keep them secure. Infrastructure as code (IaC) helps developers automate their cloud infrastructures, so what’s deployed to the cloud is under control and can easily be audited. But achieving and maintaining 100% IaC coverage of your infrastructure has many challenges.

“In its current CWS offering, the vendor has great CSPM capabilities for Azure, including detecting overprivileged admins and enforcing storage least privilege and encryption, virtual machine, and network policy controls.” – The Forrester Wave™: Cloud Workload Security, Q1 2022 CrowdStrike is excited to announce we have been named a “Strong Performer” in The Forrester Wave:™ Cloud Workload Security, Q1 2022.

I’m not big on acronyms or buzzwords. Like many executives, my eyes glaze over when I’m being prospected with an alphabet soup of technology terms I supposedly “need” to care about. So why, then, does the title of this article include Security Service Edge (SSE), Secure Access Service Edge (SASE), and Zero Trust? Despite our justified disdain for acronyms, the ideas behind these terms hold genuine importance for business leaders.

The JFrog Security research team continuously monitors popular open source software (OSS) repositories with our automated tooling to avert potential software supply chain security threats, and reports any vulnerabilities or malicious packages discovered to repository maintainers and the wider community. Two days ago, several of our automated analyzers started alerting on a set of packages in the npm Registry.

Microsoft Word, Excel, PowerPoint, and other Office document formats are popular among attackers, who abuse them to infect their victims with ransomware, infostealers, backdoors, and other malware. In this article, we look at the anatomy of a recent Office document attack from the victim’s perspective, highlight the most common types of Office document attacks seen today, and suggest strategies to reduce your risk of becoming the latest victim.

At the Rubrik Data Security Spotlight, we introduced Rubrik Cloud Vault, our fully managed, secure, and isolated cloud vault service built on Microsoft Azure. Rubrik Cloud Vault enables customers to build a comprehensive and multi-layered data protection strategy to be cyber resilient.

Economic Denial of Sustainability (EDoS) is a cybersecurity threat targeting cloud environments. EDoS attacks exploit the elasticity of clouds, particularly auto-scaling capabilities, to inflate the billing of a cloud user until the account reaches bankruptcy or large-scale service withdrawal. EDoS attacks exploit the cloud’s economies of scale to disrupt or discontinue the availability of cloud services and infrastructure that support applications, systems, and corporate networks.

The transition to the cloud has changed everything! It has upended where apps are hosted, as well as the movement of enterprises’ most valuable digital assets and sensitive data. Access has been redefined and firewall-based perimeters are a thing of the past. Now special considerations are required for users working from everywhere—on both managed and unmanaged devices—as well as address the ever-growing Internet of Things (IoT).

Threat actors continue to exploit users, devices and applications, especially as more of them exist outside of the traditional corporate perimeter. With employees consistently working remotely, adversaries are taking advantage of distributed workforces and the poor visibility and control that legacy security tools provide.

As more and more businesses and individuals choose to store their data online, ensuring the safety of information is becoming exceptionally crucial. According to recent statistics from the Hosting Tribunal, over 95% of IT professionals use cloud storage. This number is expected to grow steadily.

Considering the forensic-level attention to data residency that was paid in the early days of cloud, it’s interesting how little regard is now given to the matter. Explaining the many pitfalls of certain data residency challenges to fellow CISOs (and key stakeholders) and why real-time visualisations of data flow matter, is often an interesting exercise.

Recently, IBM announced the IBM Z and Cloud Modernization Center1 for the acceleration of hybrid cloud and to help IBM Z clients accelerate the modernization of their applications, data, and processes in an open hybrid cloud architecture. By combining IBM Z systems built for transactional integrity, throughput, reliability, and availability with hybrid cloud development, IBM is combining the best of both worlds.

Netskope Academy is pleased to introduce the Netskope Cloud Security Certification program. This new program provides an opportunity for customers, partners, and employees to validate their skills and be recognized for their knowledge of the Netskope Security Cloud platform, as well as general cloud security technologies. The program is launching with two levels of high-stakes, third-party proctored certifications, with more to follow.

A six-figure surprise is awesome when it’s a lottery win. It’s not so awesome when it’s the “Amount Due” appearing in your monthly cloud bill. But enterprises receive these “surprises” all the time, and what can sting even more is trying to explain this preventable expense to management. Inefficient (not optimized) traffic routing to and from your various cloud instances and other services can hurt your business in other ways too.

While the last two years accelerated digital transformation across a wide range of industries, this has been a long time coming for healthcare. Healthcare has been undergoing a massive shift to improve security, streamline operations, and enhance the patient experience—and much of that shift centers around the movement to the cloud. Cloud-native ostensibly offers a better, more accessible user experience marked by enhanced uptime, reliability, and efficiency.

Internxt is a little different than your average cloud service. Our secure storage was designed from the ground up with the user and their privacy in mind. To do this, we’ve built our service for Web3, which means the information we encrypt and store is decentralized and our business model has nothing to do with selling data.

Organizations have moved business-critical apps to the cloud and attackers have followed. 2020 was a tipping point; the first year where we saw more cloud asset breaches and incidents than on-premises ones. We know bad actors are out there; if you’re operating in the cloud, how are you detecting threats? Cloud is different. Services are no longer confined in a single place with one way in or one way out.

The security problems that plague organizations today actually haven’t changed much in 30 years. Weak and shared passwords, misconfigurations and vulnerabilities are problems that have tormented the industry for years and persist to this day. What’s changed is the speed and sophistication at which today’s adversary can weaponize these weaknesses.

Do you remember when viruses used to be funny and not such a big deal? Maybe a cat would constantly pop up on your desktop or you’d get spammed with hundreds of ads for male enhancement pills? Well, the early 2000s are over (yes, it’s depressing) and malware has advanced far beyond its somewhat quirky origins. Today, viruses have become extremely sophisticated and it’s difficult to know for sure if your files have been infected or not. So what is malware exactly?

If your enterprise is like most of Forward Networks’ customers, then your IT shop oversees a sizable cloud estate. You probably have hundreds of accounts, projects, or subscriptions across different cloud vendors. There are tons of related objects too — virtual machines, firewalls, transit gateways, subnets, and more. And cloud-native apps? Maybe you hundreds of those in use or development as well.

Software-as-a-service (SaaS) has taken over the world because it’s easy. With just a few clicks, business units can find an application that’s suitable for a particular business process. They can subscribe to it and immediately start using it — and the IT department might never find out.

The federal government continues to make progress towards Zero Trust (ZT) adoption. On May 12, 2021, President Biden signed Executive Order 14028 to improve the nation’s cybersecurity and protect federal government networks and on January 26, 2022, the Office of Management and Budget (OMB) released a Federal strategy to move the U.S. Government toward a Zero Trust approach to cybersecurity.

Recently, we have been facing a recurring problem related to cloud security – breaches based on credentials leak or breakage. Users tend to log into their accounts using a single factor system, such as a user and password combination. This introduces a single point of failure in your account’s security. Weeks ago, we read a tweet about a person dealing with a huge AWS bill due to a stolen key that was taken by attackers to use AWS Lambda functions for crypto mining.

The PCI certification process is quite comprehensive and relates to infrastructure, software and employee access to systems, in particular to datasets and the way that they are accessed. These checks are critical not only to the wider payments industry but also to create a level of trust with users knowing their data is protected. The PCI compliance process is a number of checks, usually by an accredited third party, to ensure that secure data handling processes are in place.

We are proud to announce that we have recently achieved AWS Security Competency Partner status. This status exemplifies our technical expertise and dedication to helping customers secure their software at every stage of cloud adoption.

Cloud adoption has come a long way from its early days where corporate executives questioned the stewardship of their data. The initial suspicions of “where’s my data” have been laid to rest, as administrative tools and contractual obligations have emerged to give better visibility to, and accountability of, data custodianship. Even the capabilities of technology professionals have been enhanced to include full certification paths towards demonstrating cloud proficiency.