At CloudCasa, as a cloud-native backup-as-a-service provider, we are often dealing with customer concerns about the security and privacy of their data. Sometimes the concern is almost paradoxical because the data and application they are protecting is publicly accessible and running inside the public cloud. However, there are times when organizations use public cloud infrastructure with a network architecture that resembles a private cloud.

Gartner predicted that in three years, “80% of enterprises will have adopted a strategy to unify web, cloud services and private application access from a single vendor’s security service edge (SSE) platform.” It seems like it wasn’t too long ago that the security industry was recommending multiple vendors to safeguard your business. Now the pendulum swings the other way. Fortunately, it’s a healthy sign for the cybersecurity industry.

At ThreatQuotient, we write a lot about security automation. Most recently, we’ve discussed how our data-driven approach to automation helps enable extended detection and response (XDR) in all phases of security operations including detection, investigation and response.

Even before the pandemic, many companies had a relaxed approach to the devices employees brought to work. In fact, many businesses had BYOD (bring your own device) policies that allowed team members to work on personal laptops or cell phones. By one account, 75% of employees use their personal cell phones for work. The rise of remote work has only escalated the use of tablets, laptops, and mobile phones for professional use.

Every year, business owners grapple with the same question: how can I keep my data safe? The cost of a data leak can quickly escalate to over $7 million per incident, not to mention the damage to a business’s brand reputation and competitive advantage. And, unfortunately, cyber attacks are getting more sophisticated every year. There are many solutions on the market to help businesses protect their information.

Passwords are an easy way to implement an authentication mechanism in which the user is asked to enter a string of characters (that he had chosen) to log in to his accounts. We will cover brute force attacks, types and examples in this blog article.

A software Bill of Materials or SBOM provides transparency into an organization’s software, protecting it from supply chain risks. Just because the component you add to your application is secure today doesn’t mean that the application will still be secure tomorrow.

None of us want to look into a production audit system, as this most likely happens after a security breach or a security incident. Over the years, people have come up with many ideas to see what applications are doing. Almost all databases keep event logs to prevent data loss. Systems such as Kubernetes generate events for every action, and applications that probably run in your production also implement some structured logging for the same reason. But what can we do if all of that is not enough?

As more and more applications and application development move to the cloud, traditional security roles and organizational structures are being shaken up. Why is that and what are the benefits of a cloud-first approach for business?

How does an application find its way into a company? In most cases today, people don’t start by searching through their organization’s catalog of approved applications.