Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Tighten Up Your Strategy: Evaluating the Leakiness of a Cloud App

We at Netskope Threat Labs have published a series of blogs detailing the misconfigurations in cloud apps causing data exposure. Misconfiguration and sensitive data exposure have been listed as predominant top 10 OWASP security risks for years, and are now also the predominant cause of cloud data breaches.

What is Access Control?

Access control is a security technique that regulates who or what can view, use or access a place or other resources. It is a fundamental concept in physical security and information security designed to minimize risk. At a high level, access control is about restricting access to a resource. Any access control system, whether physical or logical, has five main components: Access control can be split into two groups designed to improve physical security or cybersecurity:

Securing Kubernetes using Egress Access Controls

A majority of existing workloads are non-Kubernetes, and for the platform teams involved, this creates challenges because the cluster will need to be securely connected to those resources. Calico Enterprise includes several features that enable fine-grained access controls between your microservices and databases, cloud services, APIs, and other applications that may be protected behind a firewall. There are different approaches to managing Kubernetes egress access, depending on your needs and where you want the control point to be

Government and Education Have the Highest Percentage of Apps With Security Flaws

It’s been a stressful year, to say the least, for the government and education sector. Government organizations were challenged with pivoting their operations to a digital model while schools were forced to decide between hybrid or remote learning programs for their students. The rise of digital operations has made application security (AppSec) more important than ever.

The Year of the Pandemic and 2021 Cybersecurity Predictions

2020 will always be remembered as the year our lives changed dramatically due to the Coivd-19 pandemic. Here our panel of security experts look back at the lessons learned in the past 12 months and share their predictions for the key security challenges organizations will face in 2021.

How to Choose a Credible Cloud Security Software Vendor

There is no shortage of IT cloud software services out there for businesses to choose from. Regardless of their business needs you can be sure there will be a myriad of solutions. Instead of a few grand does-it-all services, IT has become a swarm of inter-playing, inter-operating, and interconnecting services. It’s no surprise that services like zapier and IFTTT are thriving in this ecosystem where they can become the glue and automate the gap between them. The future is surely bright.

3 Critical Lessons from 2020's Largest GitHub Leaks

2020 has been a very challenging year for teams and organizations across the world. This has been especially true for security teams, who’ve been responsible for managing the technological risks associated with their organization’s response to the pandemic. With security teams focused on mitigating the seismic impacts that the pandemic has had on their organization’s infrastructure, some of the security problems that emerged before the pandemic have been overlooked.

Testing your Okta visibility and detection with Dorothy and Elastic Security

When approached by stakeholders in their organization, few security teams can confidently demonstrate that logging and alerting capabilities are working as expected. Organizations have become more distributed and reliant on cloud offerings for use cases such as identity and access management, user productivity, and file storage. Meanwhile, adversaries have extended their operational capabilities in cloud environments.

SOC Reports and Why Your API Vendors Should Have Them

Your business relies on third-party APIs to operate. Sometimes they enhance your capabilities, and other times they bridge the gap between your business and where your customers are through integrations. Either way, the intermingling of data and services between your business and these third-party vendors can put your business at risk. When it comes to ensuring these providers are handling data securely, SOC 2 has become one of the most common security frameworks for tech companies.

What the Convergence of Security and Operations Means for Your Organization

These are incredibly exciting times at Devo, as we continue to help customers solve their ever-growing security and analytics challenges. Our market momentum is continuing, as Devo was recently recognized with a CISO Choice award as the best SIEM solution, earned a place on the 2020 Deloitte Technology Fast 500, and was named a Leader in The Forrester Wave™: Artificial Intelligence For IT Operations, Q4 2020.