We at Netskope Threat Labs have published a series of blogs detailing the misconfigurations in cloud apps causing data exposure. Misconfiguration and sensitive data exposure have been listed as predominant top 10 OWASP security risks for years, and are now also the predominant cause of cloud data breaches.
There is no shortage of IT cloud software services out there for businesses to choose from. Regardless of their business needs you can be sure there will be a myriad of solutions. Instead of a few grand does-it-all services, IT has become a swarm of inter-playing, inter-operating, and interconnecting services. It’s no surprise that services like zapier and IFTTT are thriving in this ecosystem where they can become the glue and automate the gap between them. The future is surely bright.
Earlier this year, the news broke of a new method that attackers were using to infiltrate Google Drive.
Kubernetes clusters have become the go-to solution for hosting applications in the cloud. Most cloud providers offer Kubernetes services, such as the Azure Kubernetes Service (AKS), Amazon Elastic Kubernetes Service (Amazon EKS), or Google Kubernetes Engine (GKE). But are you spending too much on compute resources in the cloud? Is your load pattern complex and difficult to predict? Is the load growing inconsistently or are you running applications on-demand that could cause sudden bursts?
Enabling enclaves-based security is key for enterprise cloud adoption General availability of Nitro Enclaves, recently announced by AWS, is Amazon’s way of delivering confidential computing to its customers. Following similar announcements by Microsoft Azure and Google Cloud, AWS announcement further confirms growing demand for additional runtime protection of customer’s data and other intellectual properties.
Today, cybersecurity, risk, and data protection are issues that are on upper management’s radar. Seeking to minimize the potential for business disruption, board members are getting more involved with the organization’s security program. Recent surveys indicate that 65% of companies are recruiting board members who are knowledgeable about security issues.
Modern languages like Python, NodeJS, and Go make it easy to handle concurrent requests for multiple customers at the same time by using threads or goroutines. Such services seem very cost effective because one process can handle hundreds or thousands of tenants. However, this efficiency comes at a hidden, steep price. When language runtime scheduling breaks down, one tenant can cause an outage for everyone.
