Amazon Elastic File System (EFS) is a simple, scalable and fully managed file storage service to support the storage and throughput needs of your Kubernetes applications. Amazon EFS is designed to be highly available and durable, however your EFS data can still be prone to data loss, data corruption, and have compliance issues. Amazon EFS Backup and Restore of data helps protect against data loss due to hardware failures, accidental deletion, ransomware attacks, or other types of disasters.

Sysdig is a premier Google Cloud Platform (GCP) partner and has been working with Google towards the common goal of supporting our customers and securing their cloud journey for the last seven years. Sysdig is focused on securing and monitoring workloads running on Google Cloud – including Google Kubernetes Engine (GKE), Autopilot, Anthos, and more. All these various elements of GCP can be protected using Google Security Command Center. Learn more about how to enhance your GCP security.

After a two-year hiatus (virtual in 2020 and hybrid in 2021), AWS re:Invent was back in person this year in its full glory. Over 52,000 people attended — more than we saw at RSA (26,000) and Blackhat USA (21,000) combined this year.

On December 8th, Clinton Herget and Simon Maple, Field CTOs at Snyk, had the opportunity to chat with Corey Quinn, Chief Cloud Economist at The Duckbill Group, podcast host, curator of “Last Week in AWS”, and snarky Twitter personality. Their conversation took a lot of fun turns, from ranting about the hour-long line to get coffee at AWS re:Invent, to Corey proclaiming that “SBOMs are a fantasy” (there’s more context to that… keep reading).

The shift towards hybrid work models has expanded the perimeters of work, adding to the burden on IT teams as they fight to stay resilient in the face of increased attack surfaces. All it takes for an invasion into an enterprise’s IT infrastructure is one compromised identity. So, what are enterprise identities? These are the user names, passwords, networks, endpoints, applications, etc., that act as gateways to business-sensitive information.

As the need for a new security strategy grows, we use cloud-native security platforms (CNSP). Cloud services like containers, serverless security, platform as a service (PaaS), and microservices are the building blocks of cloud-native architectures. Because these services are loosely coupled- that is, they are not hardwired to any infrastructure components developers can frequently make changes without harming other parts of the application or other team members’ projects.

Threat actors exploiting cloud services are keeping me very busy in these final days of this troubled 2022. The main character of this Cloud Threats Memo is MuddyWater (also known as Earth Vetala, MERCURY, Static Kitten, Seedworm, and TEMP.Zagros), one of the most prolific cyber espionage groups, active since at least 2017, and believed to be a subordinate element within Iran’s Ministry of Intelligence and Security (MOIS).

Cloud transformation and work from anywhere changed how security needs to work. Surveying done for the Verizon Mobile Security Index showed that 79% of IT and security professionals agree recent changes to working practices had adversely affected their organization’s Cybersecurity. One key reason modern working practices make security more challenging is each new SaaS application adopted by employees expands the attack surface and opens a new door for potential risks.

Live conferences are finally back, and the 11th annual AWS re:Invent did not disappoint. After a virtual 2020 and an in-person reduced-sized edition in 2021, there were more than 52,000 (yes — 52,000!) smiling faces milling about this year’s conference in Las Vegas. As per usual, re:Invent was full of exciting product news and updates. Here are the major announcements that got our attention and some of the things Snyk was up to in Vegas.

Azure Bicep is getting more popular by the day and is rapidly becoming the replacement for Azure Resource Manager (ARM) templates. In this post, I am going to go over some security fundamentals when using Bicep. If you are not familiar with Bicep then I recommend taking a look at the Microsoft Learn documentation to find out more.

Starting January 1, 2023, Netskope will offer customers Cloud Exchange (CE), its industry leading integration platform, as a managed service. This managed service will enable a much larger customer base to benefit from CE, including customers lacking in-house resources or preferring to consume CE as a managed service.

At this year’s AWS re:Invent conference, Snyk’s VP of Product Marketing, Ravi Maira, spoke with Omar Peerzada, Cyber Security Architect at Neiman Marcus, about how his team transitioned from older security practices to a developer-first security strategy. Watch the full talk now, or keep reading for the highlights.

If you run CrowdStrike Falcon® LogScale, previously known as Humio, locally or on-premises, one of your first steps is to configure local storage so that LogScale has a persistent data store where it can send logs. If you’re running LogScale as a cluster setup, then you’ll have some data replication as a function of how LogScale manages the data. However, even with that replication, you’ll probably still want something outside of your local infrastructure for resiliency.

TFiR has produced its brand-new video show called Let’s See. This is the first time that TFiR has come up with a demo show where we will get to see how some of the technologies and products work.

Today Bytesafe announced that the Bytesafe Security Platform is now available globally in AWS Marketplace. Bytesafe allows enterprises to increase their software supply chain security posture with automated best practices - and a unified workflow for security and developer teams. Reduced risk and protected assets - without slowing down developers.

Just like shopping on Black Friday, AWS re:Invent has become a post-Thanksgiving tradition for some of us at Datadog. We were excited to join tens of thousands of fellow AWS users and partners for this annual gathering that features new product announcements, technical sessions, networking, and fun. This year, we saw three themes emerge from the conference announcements and sessions.

Another day, another legitimate cloud service exploited for a cyber espionage campaign… Researchers at ESET recently discovered Dolphin, a previously unreported backdoor used by the North-Korean threat actor APT37 (AKA ScarCruft and Reaper) against selected targets. The backdoor, deployed after the initial compromise using less sophisticated malware, was observed for the first time in early 2021, during a watering-hole attack on a South Korean online newspaper.

Announced today at AWS re:Invent, Amazon CodeCatalyst brings together everything software development teams need to plan, code, build, test and deploy applications on AWS into a streamlined, integrated experience.

‍ AEC project teams are using point cloud data to enhance their BIM projects. By importing point cloud data into their CAD software, they can get a more accurate representation of the buildings and landscapes they are working on. This can help with design, construction, and even marketing efforts.