Following the recent AWS CloudTrail Lake announcement, this blog will guide you through how to configure a Netskope Cloud Exchange instance to send Netskope user access logs to AWS CloudTrail Lake using the Cloud Log Shipper (CLS) module and the CLS plugin developed for CloudTrail Lake. Cloud Exchange (deployed in Amazon ECS on Fargate) can be obtained from the AWS Marketplace.

In recent incident response investigations, CrowdStrike Services has observed adversaries use the sts:GetFederationToken API call to create federated sessions from IAM users. In this scenario, the federated session inherits permissions from the base IAM user. Perhaps surprising to many incident responders, the privileges and access of the federated session are not revoked when the base IAM user’s credentials are deactivated.

A couple months ago, we received a request from one of our enterprise financial clients looking to build their internal data lake capabilities. The client wanted to know more about security best practices related to the AWS data lake management tool, AWS Lake Formation, and asked our team for help. One of our principal security consultants specializing in cloud got to work, preparing an overview of critical security considerations when architecting a data lake system.

In today's hyper-connected world, most of us now take care of our daily tasks with the help of digital tools, which includes online banking. Whether we're reviewing our account balances, transferring money, applying for payment cards, or simply paying our bills, banking has become more digital, and requires financial firms to adapt to this new world of transacting business. This adaptation has seen EU-based financial firms adopting and relying more heavily on cloud services.

Today we announced the immediate availability of the Salt Security API Protection Platform on Google Cloud Marketplace and our acceptance to the Google Partner Advantage program! Salt now provides the cloud trifecta, enabling customers to adopt the Salt platform on the AWS Marketplace (followed by the AWS ISV Accelerate Program), on the Microsoft Azure Marketplace, and now on Google Cloud!

The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.

If you want to learn how to prevent a DDoS attack in your cloud environment by detecting the early signs of compromise associated with this threat, then this article should explain most of the best practices required to secure your cloud infrastructure. From January through July 2022, Sysdig Threat Research team implemented a global honeynet system that captured numerous breaches through multiple attack vectors.

Trustwave is proud to announce it has attained status as a Microsoft Cloud Solutions Partner for Security with a specialization in Threat Protection.

Hybrid working models have increasingly become the normal way of doing business. Employees are working from anywhere, users and their devices are moving on and off the office network, and many applications once hosted in data centers are now moving to public clouds or being replaced with software as a service (SaaS).

In this episode of 2023 Predictions, Sathya Sankaran, General Manager of CloudCasa by Catalogic, speaks with Swapnil Bhartiya on his insights into where he sees the industry heading in 2023. The pandemic resulted in the acceleration of cloud adoption and digital transformation and Sathya expects this momentum to continue in 2023 as well.

DevOps teams and developers can now bring the power of automated secrets detection and remediation to their Azure DevOps repositories.

In the first two blogs in this series, we discussed properly setting up IAM and avoiding direct internet access to AWS resources. In this blog, we’ll tackle encrypting AWS in transit and at rest.

Increased cloud adoption has introduced new security risks; organizations need to protect invaluable, sensitive data that can be accessed from anywhere. Traditional methods no longer suffice - today’s security operations teams must adopt innovative solutions and streamlined processes to effectively manage the increase in complexity and ensure mission-critical cloud loads are safeguarded.

Our most recent Cloud and Threat Report highlighted how threat actors abuse cloud services (with a special focus on cloud storage apps) to deliver malicious content (and yes, OneDrive leads the chart of the most exploited apps). To confirm that this trend will likely continue in 2023, researchers at Trend Micro have discovered an active campaign, launched by a threat actor named Earth Bogle.

Recently, Amazon accidentally exposed information on Amazon Prime Video viewing habits to the public. In addition, Thomson Reuters news and media company admitted that their servers had compromised 3TB of data by public-facing ElasticSearch databases. Well, these are the type of news we often see on the front page of cybersecurity forums. But if you dig a bit deeper, you will find that these data leaks are caused by misconfiguration, not cyber attacks.

Editor's note: This is the first in five-part series authored by Ed Amoroso, founder and CEO of TAG Cyber, which will focuses on how the Corelight platform reduces network security risks to the so-called Everywhere Cloud (EC). Such security protection addresses threats to devices and assets on any type of network, including both perimeter and zero-trust based.

Cybersecurity professionals are tasked with the difficult job of protecting their organization's data from malicious actors. To achieve this goal, zero trust security has become an essential tool for organizations. But what exactly is zero trust? In this post, we’re going to separate signal and noise by disambiguating the term zero trust. We’ll talk about what it is, why it matters, and key takeaways you should have regarding the state of cybersecurity in 2023.

Google Cloud Provider (GCP) Filestore is a good place to keep lots of rich, unstructured data, such as graphic designs, video editing files, and other media workflows that use files as input and output. Having GCP Filestore backups enables users to protect themselves against the rare case of inaccessibility, accidental changes, ransomware attacks, or other types of disasters.

Adopting cloud technologies is one of the most common tech strategies followed by modern organizations. This may be due to various reasons depending on the nature of the business. But there are a few standard components that span across most domains, not least the fact that cloud vendors allow developers to easily create and take down resources on the cloud with minimal effort.

In the first blog in this series, we discussed setting up IAM properly. Now we’re moving on to the second step, avoiding direct internet access to AWS resources. When AWS resources like EC2 instances or S3 buckets are directly accessible via the Internet, they are vulnerable to attack. For example, brute force attacks on SSH login, denial of service (DOS) attacks on server resources via Layer 3, 4, or 7 flooding, or the inadvertent disclosure of data on an S3 bucket.

A few customers have asked about the pros and cons of a self-hosted password management solution, such as Bitwarden. Since I have a lot of experience with this topic, I thought I would share some of the key reasons to use a cloud-based password manager like Keeper, instead of a self-hosted password vault.

Cloud computing and the use of cloud native architectures enable unparalleled performance, flexibility, and velocity. The speed of innovation has driven significant advancements across industries, but as digitalization continues pushing applications and services to the cloud, bad actors’ intrusion techniques have also become more sophisticated.

AWS (Amazon Web Services) allows businesses to quickly and securely build and scale applications. Hence, there is exponential growth in AWS usage among businesses and organizations. For example, As of 2020, AWS held 76% of enterprise cloud usage, reflecting the power and importance AWS holds. This increased use of AWS tools and services opens new doors for cyber attackers. However, AWS is a very reliable cloud service provider that works hard to ensure protection over its infrastructure.

Cloud computing is a powerful service, but securing its assets proves to be a difficult task by even the largest companies in the world. The average cost of a cloud breach is around $4 million, and it is vital that cloud workloads are as secure as possible. This article will explain cloud security and provide seven steps organizations should take when conducting their cloud risk assessment.

Have you ever heard the saying that the greatest benefit of the cloud is that limitless resources can be spun-up with just a few clicks of the mouse? If so, you would be best served by forgetting that saying altogether. Just because cloud resources can be spun-up with a few clicks of the mouse does not mean that they should be. Rather, prior to launching anything in the cloud, careful consideration and planning are a necessity.

As we enter 2023, both security and digital transformation efforts (e.g. cloud migration) continue to be important priorities for organizations. This combination brings huge challenges for IT teams, who are not only required to facilitate major digital changes and increase developer productivity but also ensure that this transformation is secure by default. When using AWS in particular, it’s challenging to understand how to strike this balance between accelerated cloud growth and security.

Many organizations today develop, build and deploy cloud native applications that utilize infrastructure and services offered by cloud computing providers like AWS, Azure or Google Cloud Platform (GCP). This trend highlights a critical consideration for organizations — how to secure applications, infrastructures and data in cloud-native systems.