As enterprises fast track cloud adoption plans without security considerations, we’ve seen the dangers of cloud misconfigurations and how it continues to cost millions in lost data and revenue for failure to comply. In this blog we’ll explain how to spot the telltale signs and secure your clouds with adequate Cloud Security Posture Management (CSPM).

IT teams live in dynamic environments and continuous integration/continuous delivery has been on high demand. In the dynamic environment, DevOps and underlying technologies such as containers and microservices, continue to grow more dynamic, and complex. Now, just like DevOps, observability has become a part of the software development life cycle.

Cloud API logs are a significant blind spot for many organizations and often factor into large-scale, publicly announced data breaches. They pose several challenges to security teams: For all of these reasons, cloud API logs are resistant to conventional threat detection and hunting techniques.

The Cybersecurity Excellence Awards honor individuals, products and companies that demonstrate excellence, innovation and leadership in information security. Awards are given out based on a combination of the strength of individual nominations and a popular vote by members of the information security community. We were winners in the following categories: We also received a silver award in the Best Cybersecurity Company – Europe category.

Compliance management ensures that an organization’s policies and procedures align with a specific set of rules. The organization’s personnel must follow the policies and procedures to ensure compliance with the set of rules. These rules are based on legal, regulatory, and industry standards.The goal of the compliance management program is to reduce an organization’s overall risk of non-compliance with the legal, regulatory, and industry standards that apply to the business.

In 2013, the U.S. President, Barack Obama, passed an order to boost cybersecurity. The order required the development of a risk-based cybersecurity framework for managing cybersecurity risks for essential infrastructure services. A framework was later developed through an international partnership between small and large businesses spearheaded by the National Institute of Standards and Technology (NIST). Here is a look at the NIST Cybersecurity framework and why it is essential.

Our Crowdsource ethical hacker community has been busy sending us security updates, including 0-day research. For Asset Monitoring, we now push out tests more frequently at record speed within 25 minutes from hacker to scanner. Due to confidentially agreements, we cannot publicize all security update releases here but they are immediately added to our scanner and available to all users. The following are some of the security vulnerabilities reported by Detectify Crowdsource ethical hackers.

Amazon’s AWS Systems Manager, better known as SSM to long-time AWS users, was announced at the end of 2017, replacing the similarly named EC2 Systems Manager that had launched a year prior. Similar to other AWS products, System Manager provides a broad spectrum of features instead of a focused and opinionated product.

Network security is a top-of-mind concern for business executives and technical leaders alike. The costs of a major breach can range in the hundreds of millions of dollars, and it can take years for companies’ reputations to recover. But when most people think about network security, network modeling, visualization, and path analysis probably don’t spring to mind. We believe it should.

Have you ever worked with a company that operates as “close to broken” as reasonably possible? Companies that follow that mindset usually do not have the most robust security practice, and they certainly will walk very close to the edge of compliance. Even if you don’t work in such a dysfunctional enterprise as described above, many companies still do not appreciate the interconnection of security and compliance.