At CloudCasa, as a cloud-native backup-as-a-service provider, we are often dealing with customer concerns about the security and privacy of their data. Sometimes the concern is almost paradoxical because the data and application they are protecting is publicly accessible and running inside the public cloud. However, there are times when organizations use public cloud infrastructure with a network architecture that resembles a private cloud.

As more and more applications and application development move to the cloud, traditional security roles and organizational structures are being shaken up. Why is that and what are the benefits of a cloud-first approach for business?

This article is intended to summarize the security services and tools provided by Microsoft for Azure cloud. We will also explore the value add Sysdig can provide when used in conjunction with the default Azure services for security.

Software-as-a-Service (SaaS) applications are built on the premise of streamlining business practices to improve productivity. Microsoft 365, Salesforce, and similar SaaS platforms commonly integrate automation tools that allow business users to develop the tools that they need to do their jobs. The latest iteration of this is the integration of low-code/no-code platforms into these SaaS solutions.

Cloud adoption has gained solid momentum over the past few years. The technology has been helping organizations revolutionize their businesses and optimize their processes for increased productivity, reduced cost, and better scalability. But as organizations pour their entire focus on improving their businesses, they tend to lose control of governance. One of the many reasons that data governance tends to get more out of control is when organizations increasingly adopt a hybrid or multi-cloud model.

Digital transformation has driven the rapid adoption of cloud-delivered services like SaaS/IaaS/PaaS in enterprises. This, in turn, has resulted in the migration of digital assets (aka data) from the confines of enterprise data centers to the cloud data centers that are not under the control of the enterprises. Additionally, the onset of the COVID-19 pandemic has resulted in remote work becoming the norm.

Over the last decade, enterprises have accelerated the adoption of the cloud. According to the State of the Cloud report by Flexera, the average annual spend on cloud computing is over $62 million. As enterprises continue to invest in the cloud, AWS, the market leader in cloud computing, is growing at a rapid pace. The rise of cloud computing poses new challenges to enterprise IT. With each department migrating and managing their workloads in AWS, there is a proliferation of accounts, users and roles.

In recent times, the widespread use of cloud services has become common for most organizations. While many organizations now enjoy the savings and convenience afforded by hosting their data and services on cloud platforms, this shift towards the cloud brings with an increased vulnerability to data theft and cyberattacks.

The Relational Database Service (RDS) service offered by AWS is one of the most popular databases today. A lot of critical, confidential data resides inside of RDS. Hence it becomes imperative to protect this data from various threats and ensure that the data is secure. Our approach to protecting the data inside RDS is based on two aspects: Rubrik already supports a modern approach to safeguarding RDS data from an operational perspective and also maintains a clean, secure copy in a different region.

Misconfigured internet-facing servers are a growing risk for organizations and one of the preferred weapons for ransomware gangs to break into their victims’ networks.

In the event of a cyber attack, how confident are you that your Azure SQL data is safe and recoverable? As a commitment to cyber-proofing the cloud, we’re pleased to introduce new security enhancements to our previously-announced Azure SQL protection. Now, businesses and government agencies can further minimize the risk of data loss in Azure SQL databases and Managed Instances.

The Higher Education Community Vendor Assessment Toolkit (HECVAT) helps higher education mitigate the impact of security risks of vendor relationships offering cloud-based services. With supply chain attacks on the rise, and vendor risks ranking in the top three initial attack vectors for data breaches, HECVAT compliance is becoming a mandatory requirement for partnering with higher education institutions.

Blackhat 2022, on its 25th anniversary, took place this week in Las Vegas. The most important event for the infosec community and the best place for security vendors to showcase all their innovations and products in this ever-growing ecosystem. This year, attendees come from 111 different countries. In 2020, Black Hat added the word Cloud to the existing track about Platform Security.

More companies are switching from on-premises systems to public cloud services, ensuring long-term growth and digital resilience. But as their implementations grow, they begin to realize that their exposure to cyberattacks and other risks grows as well. Cybersecurity is an essential practice for successful businesses. Adapting to business growth is a good problem to have, but without an eye on cloud security, that growth could cost you in the long run.

The concept of storing sensitive data in the cloud was once seen as ludicrous. Now, businesses are moving into cloud security at an exponential rate with the promise of larger storage space, lower costs, and improved performance. However, with such great benefits come severe risks.

Containerization is a rapidly evolving technology in cloud-native applications. Just like computing systems, containers consist of packages of software programs with all the vital elements like binaries, files, and libraries for running an application in the environment from anywhere. Containers are lightweight, and DevOps teams develop applications and deploy services using them. Moreover, organizations also use these containers to deploy and scale the DevOps infrastructure like the CI/CD tools.

We’re thrilled to announce that 1Password has been included in the Forbes 2022 Cloud 100, the definitive ranking of the top 100 private cloud companies in the world!

Rubrik is honored to again be named to the Forbes Cloud 100, the annual ranking of the top private cloud companies in the world. This list is comprised of some of the most respected and fastest-growing companies globally. We’re humbled to be alongside these innovative brands and to make this prestigious list for the sixth year in a row! As the pioneer in Zero Trust Data Security™, this recognition underscores Rubrik’s continued cybersecurity momentum.

On behalf of the entire Snyk community, I am excited to share that Forbes has named Snyk to the Forbes Cloud 100 list for the third consecutive year, coming in at #20 — which is 19 spots higher than last year! The full list was unveiled this morning.

Throughout 2022, Netskope Threat Labs found that attackers have been creating phishing pages in Google Sites and Microsoft Azure Web App to steal cryptocurrency wallets and accounts from Coinbase, MetaMask, Kraken, and Gemini. These phishing pages are linked from the comment sections of other websites, where the attacker adds multiple links to the phishing pages, likely to boost SEO and drive victims directly to these pages.

Ask any security professional how to effectively measure risk and many will give a simple answer…

A comprehensive organizational strategy and robust company security policy are crucial for effective cybersecurity. A company needs to make a concerted effort to design, execute, and follow through with a plan to deal with cyber-risk management from top to bottom. There is no one-size-fits-all strategy for the needs of enterprises in managing cyber risk. But in order to maintain strong system security in the face of constant threats, there are some core principles that every company should follow.

If you’re looking to catch up on what happened at this years AWS re:Inforce, this is the blog for you. There were many important announcements were this year, including some exciting updates on the cloud security front. In this post, we’ll quickly review the goals of the conference and who should attend, before diving into the keynote highlights, software updates, and helpful resources.

Alan Hannan is a member of the Netskope Network Visionaries advisory group. The cloud often seems like a black box for many corporate networking and security professionals. They have expertise in optimizing their internal network. Still, once they offload their traffic to the cloud, they figure they’re handing off optimization to the software-as-a-service (SaaS) provider.

Azure has been popular in the last few years because it is a reliable platform that offers a wide range of services. Azure is also simple to use, making it an attractive business option. Additionally, Azure is cost-effective, which helps businesses save money.

Ousaban (a.k.a. Javali) is a banking malware that emerged between 2017 and 2018, with the primary goal of stealing sensitive data from financial institutions in Brazil. This malware is developed in Delphi and it comes from a stream of LATAM banking trojans sourced from Brazil, sharing similarities with other families like Guildma, Casbaneiro, and Grandoreiro.

A new long-running phishing campaign, allegedly originating from Vietnam and active since 2018, is targeting professionals on LinkedIn with the final objective to compromise their corporate Facebook accounts.

Being online means that we are constantly interacting with others and sharing information across borders. It also means that Google is tracking you. This virtual international travel creates countless opportunities for cybercriminals to access our personal data. If you dive into how the internet works and how to protect your privacy, you’ll start to hear the word cybersecurity a lot. But what is cybersecurity exactly? Is cybersecurity hard?