Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

March 2024

The IT Hour | Identity Federation 03.29.24

Mar 30, 2024 By JumpCloud In JumpCloud
Trevor Wiemann, Product Manager at JumpCloud tells us about what's new with Identity Federation. Join us at 11:30 am ET. The #IT Hour hosted by #JumpCloud is a #communityprogram focused on the life of #ITAdministrators. With the ever changing #ITlandscape, having community and professional networking opportunities is very valuable. You can expect from our weekly conversations.
View Video
netskope

How a Private Cloud Approach to SASE Helped Reduce Disruption From a Severed Sub-sea Cable

Mar 29, 2024 By Francisca Segovia In Netskope
It feels like sub-sea cable disruptions are becoming ever more common, with recent reports of major outages caused by severed cables in the Mediterranean, the Red Sea, the North Sea, and—most recently—off the coast of Africa.
Read Post

How to configure Google Workspace Backup: Step by Step Guide with BDRSuite

Mar 28, 2024 By BDRSuite In BDRSuite
BDRSuitefor Google Workspace is a complete solution that allows you to backup and recover your Google Workspace data, in case of accidental deletion, security threats and retention policy gaps#databackup #dataprotection #datarecovery #disasterrecovery #backup #GWS #google #googleworkspacehowto #googleworkspace.
View Video
Snyk

Securing your SBOM on Google Cloud

Mar 28, 2024 By David Lugo In Snyk
Over the past few years, software supply chain security has been top of mind for governments and businesses alike. Following Log4Shell in late 2021, the Biden administration’s National Cybersecurity Strategy started focusing on open source supply chain security. The National Security Agency (NSA) recently released new guidance on securing open source software supply chains.
Read Post
coralogix

Advanced Security: Marking AWS WAF's Homework

Mar 28, 2024 By Chris Cooney In Coralogix
The same security scenarios are checked thoroughly. Privilege escalation, SQL injection, Port scanning and so on. These checks form the bedrock of defensive security, but as solutions become more complex, so too must our capability to detect complex scenarios. Let’s explore a very complex use case, that ties together multiple Coralogix features, and showcases the power of Coralogix, not just in detecting the simple stuff, but in tracking the most complex scenarios in modern security.
Read Post
datadog

Datadog Security extends compliance and threat protection capabilities for Google Cloud

Mar 28, 2024 By Sourabh Katti In Datadog
Organizations are adopting Google Cloud at a growing rate. This growth is partially influenced by both the rise of AI computing and a push towards multi-cloud usage. A recent report found that 85 percent of organizations deploy their applications on multi-cloud architecture. With the shift to AI computing and multi-cloud adoption, organizations are reconsidering their cloud security coverage now more than ever.
Read Post
jumpcloud

What is Cloud Identity Management?

Mar 26, 2024 By Kelsey Kinzer In JumpCloud
As businesses embrace remote work and the transformation to the cloud, the need for robust identity management is key. But what exactly is cloud identity management, and why is it critical? Essentially, cloud identity management orchestrates identity and access management (IAM) in cloud environments and supports the shifting of authentication and authorization processes to the cloud.
Read Post
signmycode

What is Azure IoT Security? Top Best Practices to Secure IoT Devices

Mar 26, 2024 By SignMyCode In SignMyCode
IoT devices have become a vital component of worldwide business operations for different industries, including healthcare, IT, transportation, etc. Organizations that invest in IoT deliver more value to their consumers than others. According to a report by Statista, the number of IoT devices is estimated to be 17.08 billion in 2024, and the figure is showing no signs of stopping. But as its usage is continuously increasing, so are the security concerns!
Read Post
alienvault

The Growing Importance of CAASM in Company Cybersecurity Strategy

Mar 26, 2024 By Alex Vakulov In AT&T Cybersecurity
The recent years' events, including the proliferation of ransomware, the pandemic, and political tensions, have fast-tracked the development of both offensive and defensive tools in the cyber domain. Cybersecurity concepts that were nascent a few years ago are now being refined, demonstrating the practical benefits of modern digital risk management strategies.
Read Post
cloudflare

From .com to .beauty: The evolving threat landscape of unwanted email

Mar 26, 2024 By João Tomé In Cloudflare
You're browsing your inbox and spot an email that looks like it's from a brand you trust. Yet, something feels off. This might be a phishing attempt, a common tactic where cybercriminals impersonate reputable entities — we've written about the top 50 most impersonated brands used in phishing attacks. One factor that can be used to help evaluate the email's legitimacy is its Top-Level Domain (TLD) — the part of the email address that comes after the dot.
Read Post
lookout

Don't Forget Mobile Security: How Mobile Devices Serve as Keys to the Cloud

Mar 26, 2024 By Lookout In Lookout
In February 2024, Lookout discovered an advanced phishing kit targeting the Federal Communications Commission (FCC), along with several cryptocurrency platforms. While most people think of email as the realm of phishing attacks, this threat actor — known as CryptoChameleon — used the phishing kit to build a carbon copies of single sign-on (SSO) pages, then used a combination of email, SMS, and voice phishing to target mobile device users.
Read Post
panoptica

What is DSPM and why is it an essential component in cloud-native security solutions?

Mar 26, 2024 By Becca Gomby In Panoptica
In the rapidly advancing realm of cloud-native security, Data Security Posture Management (DSPM) emerges as a critical framework, ensuring organizations maintain robust control over their data assets. As cloud environments evolve, understanding and implementing DSPM becomes vital for better securing data defenses. In this blog post, we'll delve into the basics of DSPM, its significance in cloud-native security and how Panoptica approaches DSPM within its CNAPP solution.
Read Post
sumologic

Hunt for cloud session anomalies with Cloud SIEM

Mar 26, 2024 By Anton Ovrutsky In Sumo Logic
In today’s cloud-native world, systems are usually accessed by users from multiple devices and in various geographic locations. Anyone who has tried to operationalize an impossible travel type alert for cloud resources will understand the myriad nuances and gotchas involved in such an endeavor. A user may be accessing a cloud resource from a mobile device that is tied to a carrier network well away from their normal geographic location.
Read Post
knowbe4

Cloud-Conscious Cyber Attacks Spike 110% as Threat Groups Sharpen their Attack Skills

Mar 25, 2024 By Stu Sjouwerman In KnowBe4
New data shows increased expertise in leveraging and exploiting cloud environments. CrowdStrike’s 2024 Global Threat Report shows that targeted attacks on cloud environments have increased, signaling that the cybercrime economy has realized the “untapped market” of the cloud environment.
Read Post

The IT Hour | Disconnecting AD 03.22.24

Mar 23, 2024 By JumpCloud In JumpCloud
Rodger Bright, Senior Sales Engineer at JumpCloud joins us to talk about disconnecting Active Directory. Join us at 11:30 am ET. The #IT Hour hosted by #JumpCloud is a #communityprogram focused on the life of #ITAdministrators. With the ever changing #ITlandscape, having community and professional networking opportunities is very valuable. You can expect from our weekly conversations.
View Video
jumpcloud

How To Work with Amazon S3 on Amazon Linux

Mar 22, 2024 By David Worthington In JumpCloud
Jump to Tutorial Amazon Simple Storage Service (Amazon S3) is a scalable, high-speed, web-based cloud storage service designed for online backup and archiving of data and applications on Amazon Web Services (AWS). It is designed to make web-scale computing easier for developers and allows you to store and retrieve any amount of data, at any time, from anywhere on the web. Amazon Linux, on the other hand, is a Linux server operating system from AWS, which is engineered for high performance and stability.
Read Post
ignyte Team

Splunk, Azure, or Sentinel for FedRAMP/NIST Compliance

Mar 22, 2024 By Max Aulakh In Ignyte
Whenever a business wants to work with the federal government, they are going to have to comply with certain frameworks to guarantee that, as part of the federal supply chain, it is secured to an appropriate level. The specific frameworks and standards vary based on factors such as impact levels and whether or not you’re in an industry with specific guidelines, like HIPAA or DoD standards.
Read Post

How to Backup Azure VMs using BDRSuite

Mar 22, 2024 By BDRSuite In BDRSuite

A step-by-step walkthrough of the configuration of BDRSuite Azure virtual machines Backup to different public clouds, or their own data center with a 15-minute RTO and RPO and little administrative work.
#azure #databackup #datarecovery #disasterrecovery #dataprotection
Check out our 30 day free trial : https://www.bdrsuite.com/vembu-bdr-suite-download/

View Video
CloudCasa

Top 3 Multi-Cloud Kubernetes Backup Challenges

Mar 22, 2024 By Martin Phan In CloudCasa
In the rapidly evolving digital landscape, organizations are increasingly relying on Kubernetes and cloud environments to drive agility, scalability, and innovation. However, this shift has introduced complex challenges in Kubernetes backup and disaster recovery, especially when managing resources across multi-cloud and on-premises environments.
Read Post
opti9

Explore AWS Accelerate With Opti9

Mar 20, 2024 By Zoey Zelmore In Opti9
Since its launch as the first public cloud in 2006, AWS has been a leader in cloud technology, helping organizations cut costs and simplify the way they build infrastructure and access their data. While the public cloud has continued to grow in popularity with time, many organizations still find themselves stressing the task of migrating or maintaining their environments efficiently. Overall, 95% of organizations cite lack of expertise as their main struggle in leveraging the public cloud.
Read Post
vanta

How to use Vanta and AWS for logging, monitoring, and IDS

Mar 20, 2024 By Vanta In Vanta
This blog is part of a series about how to use Vanta and AWS to simplify your organization’s cloud security. To learn more about how to use Vanta and AWS, watch our Coffee and Compliance on-demand webinar. ‍ Amazon Web Services, or AWS, is one of the most popular cloud providers for organizations today — providing one of the most flexible and secure cloud environments available.
Read Post
jumpcloud

IT Asset Management vs. Device Management

Mar 20, 2024 By David Worthington In JumpCloud
Devices are the gateways to our work, and IT professionals understand the importance of managing and securing endpoints as part of a holistic identity and access management (IAM) strategy. Yet, it’s impossible to control what you aren’t aware of. Shadow IT, the unauthorized use of devices, apps, and services that people use to perform their jobs, can bypass even the best security programs.
Read Post
jumpcloud

JumpCloud Acquires Resmo for Integrated Asset Management

Mar 19, 2024 By David Worthington In JumpCloud
JumpCloud has acquired Resmo, an asset management and SaaS security solution, to provide customers a unified solution of SaaS, IT security, and asset management that empowers them to eliminate shadow IT and gain full visibility into all apps and cloud infrastructure in an all-in-one solution. The inclusion of Resmo’s technologies will enhance JumpCloud’s ability to help customers deliver secure and streamlined user provisioning, access request management, and utilization monitoring.
Read Post
datadog

Detect malware in your containers with Datadog Cloud Security Management

Mar 19, 2024 By Parag Baxi In Datadog
Detecting malware in container environments can be a major challenge due to the rapid development of malicious code, the proliferation of insecure container images, and the multilayered complexity of container stacks. Staying ahead of attackers means tracking the constant evolution of malware and rooting out threats in your codebase at the expense of considerable compute.
Read Post

Cloud Unfiltered with Nick Eberts - Complexity of Fleet Management - Episode 6

Mar 19, 2024 By Panoptica In Panoptica
Nick Eberts sits down with host Michael Chenetz to discuss platform engineering, fleet management and cloud-native security on this episode of Cloud Unfiltered. Outshift is Cisco’s incubation engine, innovating what's next and new for Cisco products and sharing our expertise on emerging technologies. Discover the latest on cloud native applications, cloud application security, generative AI, quantum networking and security, future-forward tech research, our latest open source projects and more.
View Video
algosec

Why misconfigurations continue to plague public cloud network services and how to avoid them?

Mar 18, 2024 By Oren Amiram In AlgoSec
Oren Amiram, Director of Product at AlgoSec, explains why misconfigurations continue to plague public cloud network services and how organizations can address these shortfalls with AlgoSec Cloud. Cloud security as a strategy is constantly evolving to meet the needs of organizations for scale, agility, and security. If your organization is weighing the merits of the use of public cloud versus private cloud, here are a few facts to keep in mind. Data shows that the public cloud is the preferred choice.
Read Post
CrowdStrike

5 Best Practices to Secure Azure Resources

Mar 18, 2024 By Brett Shaw In CrowdStrike
Cloud computing has become the backbone for modern businesses due to its scalability, flexibility and cost-efficiency. As organizations choose cloud service providers to power their technological transformations, they must also properly secure their cloud environments to protect sensitive data, maintain privacy and comply with stringent regulatory requirements.
Read Post

The IT Hour | The Latest on Android 03.15.24

Mar 16, 2024 By JumpCloud In JumpCloud
Sergey Belous, Product Manager, tells us about all the cool new updates to JumpCloud's Android management capabilities. Join us at 11:30 am ET. The #IT Hour hosted by #JumpCloud is a #communityprogram focused on the life of #ITAdministrators. With the ever changing #ITlandscape, having community and professional networking opportunities is very valuable. You can expect from our weekly conversations.
View Video
jumpcloud

How to Manage APT Repositories on Debian or Ubuntu

Mar 15, 2024 By David Worthington In JumpCloud
Jump to Tutorial Advanced Package Tool (APT) is the backbone of package management on Debian and Ubuntu systems. It simplifies the process of installing, updating, and removing software. APT works with repositories — designated locations that host packages and update information. Mastering APT repository management ensures you have access to the software you need and that your system remains secure and up to date.
Read Post

Bringing Secure, Streamlined, and Scalable Access Management to the Next Level with the Circles Team

Mar 15, 2024 By JumpCloud In JumpCloud
Urvashi H.V., Technical Community Champion, JumpCloud talks to Thomas Dias, Senior Technology & Operations Professional, Gautham Shet - Cyber Security Integration Lead, and Ketan Karnick - Head of Enterprise Security from the Circles.co IT team about how they use JumpCloud to solve their security challenges. The team tells us about how JumpCloud has helped them tighten security, as well as speed up repeated processes via integrations and automation.
View Video
netskope

From Delivery To Execution: An Evasive Azorult Campaign Smuggled Through Google Sites

Mar 15, 2024 By Jan Michael Alcantara In Netskope
Netskope Threat Labs has observed an evasive Azorult campaign in the wild that employs multiple defense evasion techniques from delivery through execution to fly under the defender’s radar as it steals sensitive data. Azorult is an information stealer first discovered in 2016 that steals sensitive information including user credentials, browser information, and crypto wallet data.
Read Post
Featured Post
jumpcloud

SMEs Invest in Tech Opportunities but Risk Missing Security Safeguards

Mar 14, 2024 By Greg Keller, CTO In JumpCloud
Across Europe, 100 million people are employed by small and medium-sized enterprises (SMEs). The UK has over five million SMEs, providing three-fifths of employment and £2.4 trillion in turnover. As a vital component in the national economy, SMEs must continue to invest in automation, technology-led innovation, and underpin this with strong security.
Read Post
sysdig

The Urgent Need for Real-time Cloud Detection & Response

Mar 14, 2024 By Loris Degioanni In Sysdig
It is impressive how explosively the cloud security market has embraced detection and response in recent months. The industry, including both users and vendors, is rapidly acknowledging the complexity of modern cloud attacks. Facilitated by automation and APIs, attacks cannot be effectively countered with traditional solutions that lack context of cloud environments or focus solely on posture.
Read Post
cloudflare

Mitigating a token-length side-channel attack in our AI products

Mar 14, 2024 By Celso Martinho In Cloudflare
Since the discovery of CRIME, BREACH, TIME, LUCKY-13 etc., length-based side-channel attacks have been considered practical. Even though packets were encrypted, attackers were able to infer information about the underlying plaintext by analyzing metadata like the packet length or timing information. Cloudflare was recently contacted by a group of researchers at Ben Gurion University who wrote a paper titled “What Was Your Prompt?
Read Post
11:11 systems

Which Cloud Provider Is Secure By Default?

Mar 14, 2024 By Brandon Leiker In 11:11 Systems
Much like our own blood, data is the lifeblood that flows through the arteries of business today. Organizations must ensure that data is protected appropriately based on that data’s sensitivity, criticality, and regulatory or contractual requirements. These protections are provided through administrative, technical, and physical controls. The primary goal of these controls is to provide preventative, detective, or corrective capabilities.
Read Post
jumpcloud

State of IT 2024

Mar 14, 2024 By JumpCloud
2023 was a year of wild transformation, most notably with huge advances in the availability of AI technologies, persistent security threats, and economic uneasiness. But how will this affect IT professionals in the field in 2024? In this edition of the biannual SME IT Trends Report, JumpCloud surveyed 1200+ IT professionals across the U.S., U.K., and India for insights on how the industry is faring, how others working in IT are preparing for 2024, and quantitative data on IT budgets, OS usage, AI adoption, and more.
Get Report
jumpcloud

How to Modernize Your AD Instance

Mar 14, 2024 By JumpCloud
Whether you want to extend your Active Directory instance to support additional capabilities, need to prepare for an eventual migration without replacing your current implementation, or are ready to move away from AD completely, we've built a roadmap for you. Find your path to modernizing Active Directory by following along with the journeys of Tyrone, Kate, and Eric, fictional IT professionals navigating three different real-world situations where AD needs an update. Grab your copy for detailed insights on the different ways you can prepare your organization to modernize AD.
Get White Paper
vanta

How to use Vanta and AWS to manage vulnerabilities

Mar 13, 2024 By Vanta In Vanta
This blog is part of a series about how to use Vanta and AWS to simplify your organization’s cloud security. To learn more about how to use Vanta and AWS, watch our Coffee and Compliance on-demand webinar. ‍ Amazon Web Services, or AWS, is one of the most popular cloud providers for organizations today — providing one of the most flexible and secure cloud environments available.
Read Post
netskope

Empowering Secure Cloud Adoption: A Response to the NSA and CISA Cybersecurity Guidelines

Mar 12, 2024 By Michael Ferguson In Netskope
In the ever-evolving landscape of cybersecurity, the collaborative effort between the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) in issuing five joint Cybersecurity Information Sheets (CSIs) marks a significant milestone in guiding organizations towards secure cloud adoption. These documents serve as a testament to the critical nature of securing cloud services in an era where digital transformation is not just an option, but a necessity.
Read Post
jumpcloud

What Is Linux Identity and Access Management?

Mar 12, 2024 By Kelsey Kinzer In JumpCloud
Identity and access management (IAM) provides a consistent, centralized solution to manage user identities and automate access control throughout the organization. This helps security leaders introduce role-based access control and meet governance, risk, and compliance goals. Your organization may already have centralized management policies in place. For example, requiring employees to use a VPN when accessing company assets remotely shows an IAM solution in action.
Read Post
jumpcloud

OneLogin Alternatives: Comparing JumpCloud vs. OneLogin

Mar 11, 2024 By Kelsey Kinzer In JumpCloud
Assigning users to the right devices, applications, networks, VPNs, and files is a critical part of every company’s IT workflow. Get it wrong, and you’ve instantly tarnished a new hire’s experience — or worse, opened the door to security and compliance violations. With so much riding on this one component of IT or MSP work, organizations of any size need to be judicious about the identity and access management (IAM) tools they select.
Read Post
entitle

Best Cloud IAM Open Source Tools in 2024

Mar 11, 2024 By Dean Pe'er In Entitle
At AWS Re:Invent 2021 in the keynote address, AWS CTO Werner Vogels, invested a significant chunk of time in zooming in on the Identity and Access Management (IAM) of what he called the Everywhere Cloud. He emphasized that while often being underestimated or overlooked - IAM, remains a critical aspect of our overall security posture. ‍ ‍
Read Post
CloudCasa

Step by Step Migration Guide: AKS Clusters to Azure Linux Using CloudCasa

Mar 11, 2024 By Martin Phan In CloudCasa
CloudCasa by Catalogic can be installed on Azure Kubernetes Service (AKS) clusters using Ubuntu and perform migrations to Azure Linux as the host operating system. The Azure Linux container host for AKS is a lightweight, secure, and reliable OS platform optimized for performance on Azure.
Read Post
cloudflare

Security Week 2024 wrap up

Mar 11, 2024 By Daniele Molteni In Cloudflare
The next 12 months have the potential to reshape the global political landscape with elections occurring in more than 80 nations, in 2024, while new technologies, such as AI, capture our imagination and pose new security challenges. Against this backdrop, the role of CISOs has never been more important. Grant Bourzikas, Cloudflare’s Chief Security Officer, shared his views on what the biggest challenges currently facing the security industry are in the Security Week opening blog.
Read Post

The IT Hour | App Lifecycle Releases 03.08.24

Mar 9, 2024 By JumpCloud In JumpCloud
Josh Roland, Product Manager at JumpCloud tells us about the latest updates to App Lifecycle Management. Join us at 11:30 am ET. The #IT Hour hosted by #JumpCloud is a #communityprogram focused on the life of #ITAdministrators. With the ever changing #ITlandscape, having community and professional networking opportunities is very valuable.
View Video
cloudflare

Launching email security insights on Cloudflare Radar

Mar 8, 2024 By David Belson In Cloudflare
During 2021's Birthday Week, we announced our Email Routing service, which allows users to direct different types of email messages (such as marketing, transactional, or administrative) to separate accounts based on criteria such as the recipient’s address or department. Its capabilities and the volume of messages routed have grown significantly since launch.
Read Post
cloudflare

Log Explorer: monitor security events without third-party storage

Mar 8, 2024 By Jen Sells In Cloudflare
Today, we are excited to announce beta availability of Log Explorer, which allows you to investigate your HTTP and Security Event logs directly from the Cloudflare Dashboard. Log Explorer is an extension of Security Analytics, giving you the ability to review related raw logs.
Read Post

Protecting Amazon S3 with Rubrik Security Cloud

Mar 8, 2024 By Rubrik In Rubrik
AWS S3 object storage is one of the most adopted services in the cloud. At the same time, cyberattacks are on the rise, with the cloud becoming the preferred target and often specifically focusing an organization’s data like in S3. With Rubrik, you can ensure your S3 data is resilient and recoverable from cyberattacks and operational failures while taking advantage of.
View Video

Netskope One Platform Demo

Mar 8, 2024 By Netskope In Netskope
Unrivaled visibility. Real-time data and threat protection. The Netskope One platform unifies all the core components of a SASE architecture, including Secure Web Gateway (SWG), Cloud Access Security Broker (CASB), Zero Trust Network Access (ZTNA), Cloud Firewall (FWaaS) and Software Defined WAN (SD-WAN) all with a single engine and policy framework.
View Video
jumpcloud

Using the AWS CLI with Amazon Linux

Mar 8, 2024 By David Worthington In JumpCloud
Amazon Web Services (AWS) provides a wide array of cloud computing solutions. Mastering the AWS Command Line Interface (CLI) is an essential skill for developers, system administrators, and cloud engineers working within its ecosystem. Amazon Linux, an open source Linux distribution provided by AWS, is optimized for running on AWS infrastructure, making it a popular choice for cloud-based applications.
Read Post
cloudflare

Protocol detection with Cloudflare Gateway

Mar 8, 2024 By Ankur Aggarwal In Cloudflare
Cloudflare Gateway, our secure web gateway (SWG), now supports the detection, logging, and filtering of network protocols regardless of their source or destination port. Protocol detection makes it easier to set precise policies without having to rely on the well known port and without the risk of over/under-filtering activity that could disrupt your users’ work. For example, you can filter all SSH traffic on your network by simply choosing the protocol.
Read Post
cloudflare

Advanced DNS Protection: mitigating sophisticated DNS DDoS attacks

Mar 7, 2024 By Omer Yoachimik In Cloudflare
We're proud to introduce the Advanced DNS Protection system, a robust defense mechanism designed to protect against the most sophisticated DNS-based DDoS attacks. This system is engineered to provide top-tier security, ensuring your digital infrastructure remains resilient in the face of evolving threats. Our existing systems have been successfully detecting and mitigating ‘simpler’ DDoS attacks against DNS, but they’ve struggled with the more complex ones.
Read Post
cloudflare

Building secure websites: a guide to Cloudflare Pages and Turnstile Plugin

Mar 7, 2024 By Sally Lee In Cloudflare
Balancing developer velocity and security against bots is a constant challenge. Deploying your changes as quickly and easily as possible is essential to stay ahead of your (or your customers’) needs and wants. Ensuring your website is safe from malicious bots — without degrading user experience with alien hieroglyphics to decipher just to prove that you are a human — is no small feat. With Pages and Turnstile, we'll walk you through just how easy it is to have the best of both worlds!
Read Post
sysdig

Customers Rate Sysdig 5 Out of 5 in Gartner Voice of the Customer for Cloud Security Posture Management Tools

Mar 7, 2024 By Marla Rosner In Sysdig
As more and more workloads move to the cloud, the attack surface security teams need to secure has grown exponentially. To guard the massive perimeter of the cloud, you need to position your cloud infrastructure to be as safe as possible by default.
Read Post

Cloud Unfiltered with Cory O'Daniel on DevOps vs. Platform Engineering - Episode 4

Mar 7, 2024 By Panoptica In Panoptica
Cory O'Daniel, CEO of Massdriver discusses his blog series, which contains the article entitled "DevOps is BS!". Find out why he and others are coming to the conclusion that this may be the case. Additionally, Cory discusses the need for a more consolidated approach to DevOps and how platform engineering may be the answer. Find Out: Find out this and more in the latest episode of Cloud Unfiltered.
View Video
netskope

Netskope Cloud Exchange for Your Zero Trust Journey

Mar 7, 2024 By Agasthiamani Sankaran In Netskope
Early in 2023 my colleague, and VP of Technology Integrations and Business Development, David Willis walked us through Realizing the True Power of Netskope Cloud Exchange. In the article, David painted the evolution of Cloud Exchange with a focus on how the Netskope Cloud Threat Exchange (CTE) module has matured since it was released.
Read Post
CrowdStrike

Falcon Cloud Security Supports GKE Autopilot to Secure More GCP Workloads

Mar 7, 2024 By Cody Queen In CrowdStrike
In the ever-evolving landscape of cloud security, staying ahead of the curve is paramount. Today, we are announcing an exciting enhancement: CrowdStrike Falcon® Cloud Security now supports Google Kubernetes Engine (GKE) Autopilot. This integration marks an important milestone in our commitment to providing cutting-edge DevSecOps-focused security and solutions for modern cloud environments.
Read Post

Bridging Security and IT Operations feat. Defensible Technology

Mar 7, 2024 By JumpCloud In JumpCloud
In this JumpCloud Partner Success Interview we meet with Stephen Doty, CEO and Founder of Defensible Technology, as he talks about JumpCloud as a "swiss army knife" for IT, their diverse clientele, and how their journey with JumpCloud started with a single request for SSO and MFA.
View Video
algosec

CSPM importance for CISOs. What security issues can be prevented\defended with CSPM?

Mar 7, 2024 By Rony Moshkovich In AlgoSec
Cloud Security is a broad domain with many different aspects, some of them human. Even the most sophisticated and secure systems can be jeopardized by human elements such as mistakes and miscalculations. Many organizations are susceptible to such dangers, especially during critical tech configurations and transfers.
Read Post
cloudflare

Linux kernel security tunables everyone should consider adopting

Mar 6, 2024 By Ignat Korchagin In Cloudflare
The Linux kernel is the heart of many modern production systems. It decides when any code is allowed to run and which programs/users can access which resources. It manages memory, mediates access to hardware, and does a bulk of work under the hood on behalf of programs running on top.
Read Post
cloudflare

Magic Cloud Networking simplifies security, connectivity, and management of public clouds

Mar 6, 2024 By Steve Welham In Cloudflare
Today we are excited to announce Magic Cloud Networking, supercharged by Cloudflare’s recent acquisition of Nefeli Networks’ innovative technology. These new capabilities to visualize and automate cloud networks will give our customers secure, easy, and seamless connection to public cloud environments.
Read Post

Netskope One & The Zero Trust Engine

Mar 6, 2024 By Netskope In Netskope
The Netskope Zero Trust Engine is at the center of the Netskope One platform, which ensures continuous adaptive trust-based policy controls extend effortlessly and consistently across Secure Web Gateway (SWG), Cloud Access Security Broker (CASB), Zero Trust Network Access (ZTNA), Cloud Firewall (FWaaS), and Software Defined WAN (SD-WAN) services, leaving no security gaps and delivering an exceptional user experience.
View Video
cloudflare

Securing Cloudflare with Cloudflare: a Zero Trust journey

Mar 5, 2024 By Derek Pitts In Cloudflare
Cloudflare is committed to providing our customers with industry-leading network security solutions. At the same time, we recognize that establishing robust security measures involves identifying potential threats by using processes that may involve scrutinizing sensitive or personal data, which in turn can pose a risk to privacy. As a result, we work hard to balance privacy and security by building privacy-first security solutions that we offer to our customers and use for our own network.
Read Post
cloudflare

Secure your unprotected assets with Security Center: quick view for CISOs

Mar 5, 2024 By Alexandra Moraru In Cloudflare
We understand that one of the significant hurdles faced by our customers, especially larger organizations, is obtaining a clear view of the deployment of Cloudflare services throughout their vast and complex infrastructures. The question isn't just whether Cloudflare is deployed, but whether it's fully optimized across every asset and service. Addressing this challenge head-on, we're rolling out a new feature set designed to provide better visibility and control over your security posture.
Read Post
cloudflare

Protecting APIs with JWT Validation

Mar 5, 2024 By John Cosgrove In Cloudflare
Today, we are happy to announce that Cloudflare customers can protect their APIs from broken authentication attacks by validating incoming JSON Web Tokens (JWTs) with API Gateway. Developers and their security teams need to control who can communicate with their APIs. Using API Gateway’s JWT Validation, Cloudflare customers can ensure that their Identity Provider previously validated the user sending the request, and that the user’s authentication tokens have not expired or been tampered with.
Read Post
safebreach

How a Fortune 500 data company leveraged SafeBreach to transition to 100% cloud

Mar 5, 2024 By SafeBreach In SafeBreach
When a large data company decided to migrate their systems fully to the cloud, their cybersecurity team knew it would be a challenge. The company’s senior security architect put it succinctly: “Our CTO said, we’re going completely to cloud. Everyone buckle up.” Though the organization had assets in the cloud for many years, the team wasn’t sure they were ready to be 100% in the cloud from a security standpoint.
Read Post
manageengine

Why you should be concerned about the largest phishing attack on Azure so far, and what you can do about it

Mar 4, 2024 By M365 Manager Plus In ManageEngine
Azure customers are facing the biggest threat to their privileged accounts. A cybersecurity firm has identified the spread of a new phishing campaign aimed at privileged users like sales directors, account managers, finance managers, vice presidents, presidents, chief financial officers, and CEOs. The campaign’s first set of attacks started around November 2023 and is still a looming threat. The good thing is that you can safeguard against and mitigate this attack.
Read Post
cloudflare

Cloudflare Firewall for AI Will Help Secure AI Applications, At Scale and For Free New protections will secure organisations - by default - from attempted attacks, abuse, and tampering as they increasingly rely on AI models

Mar 4, 2024 By Cloudflare In Cloudflare
Cloudflare, Inc. announces the development of Firewall for AI, a new layer of protection that will identify abuse and attacks before they reach and tamper with Large Language Models (LLMs), a type of AI application that interprets human language and other types of complex data.
Read Post
cloudflare

Defensive AI: Cloudflare's framework for defending against next-gen threats

Mar 4, 2024 By Daniele Molteni In Cloudflare
Generative AI has captured the imagination of the world by being able to produce poetry, screenplays, or imagery. These tools can be used to improve human productivity for good causes, but they can also be employed by malicious actors to carry out sophisticated attacks. We are witnessing phishing attacks and social engineering becoming more sophisticated as attackers tap into powerful new tools to generate credible content or interact with humans as if it was a real person.
Read Post
cloudflare

Cloudflare announces Firewall for AI

Mar 4, 2024 By Daniele Molteni In Cloudflare
Today, Cloudflare is announcing the development of Firewall for AI, a protection layer that can be deployed in front of Large Language Models (LLMs) to identify abuses before they reach the models. While AI models, and specifically LLMs, are surging, customers tell us that they are concerned about the best strategies to secure their own LLMs. Using LLMs as part of Internet-connected applications introduces new vulnerabilities that can be exploited by bad actors.
Read Post
cloudflare

Changing the industry with CISA's Secure by Design principles

Mar 4, 2024 By Kristina Galicova In Cloudflare
The United States Cybersecurity and Infrastructure Agency (CISA) and seventeen international partners are helping shape best practices for the technology industry with their ‘Secure by Design’ principles. The aim is to encourage software manufacturers to not only make security an integral part of their products’ development, but to also design products with strong security capabilities that are configured by default.
Read Post
Trustwave

Cloud Architecture, Frameworks and Benchmarks

Mar 4, 2024 By Trustwave In Trustwave
At any point in your cloud security journey, you should consider practical architectures, frameworks, and benchmarks that will benefit your current and future infrastructure. These tools will provide guidance directly from those who have pioneered similar solutions. Working with existing designs will speed up your efforts and provide your organization with confidence that it is following industry security standards.
Read Post
jumpcloud

What is Privileged Identity Management?

Mar 4, 2024 By Kelsey Kinzer In JumpCloud
Every organization has to assign privileges to its user accounts. Good security practice requires each account to have only the privileges necessary for the role it’s assigned to. Ideally, that means only a few accounts have wide-ranging privileges capable of significantly changing the organization’s security configuration. These typically include systems administrators, database administrators, and service accounts. These accounts are especially vulnerable to security and compliance risks.
Read Post
jumpcloud

How to Install PostgreSQL 16 on RHEL 9

Mar 1, 2024 By David Worthington In JumpCloud
PostgreSQL is one of the leading and widely used open source relational database management systems (RDBMS) that stores structured data in tables, just like MySQL. It is used by developers in their tech stacks and even by large enterprises and corporations to store website and application data. PostgreSQL uses SQL query language to store and manipulate data and also provides JSON support.
Read Post
jumpcloud

Modernize Active Directory: Break Free from the Limitations of AD

Mar 1, 2024 By JumpCloud
Just because you use Active Directory doesn't mean you have to forgo the ability to seamlessly support your ever-changing environment. Just ask Kate, a fictional IT admin representing the journey many AD users take to enable better flexibility and control without deprecating their Active Directory instance. Uncover how you can take the path to modernizing and expanding your Active Directory instance to better support modern work challenges by integrating with JumpCloud's open directory platform.
Get EBook

Copyright © 2024 OpsMatters™. All rights reserved.