SASE and TLS 1.3, Part 2: Naming Names
Recall from Part One that we identified three different places in a SASE product where TLS 1.3 support is relevant. In descending order of importance, those places are: proxy, tunnel, and management interface.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Shared Responsibility and Configuration Management in the Cloud: SecTor 2020
A number of high-profile data breaches have resulted directly from misconfigured permissions or unpatched vulnerabilities. For instance, the 2017 Equifax breach was the result of exploiting an unpatched flaw in Apache Struts allowing remote code execution. More recently, the Capital One breach last year stemmed from a misconfigured web application firewall. Verizon’s 2020 DBIR reported that only hacking was more prevalent than misconfiguration errors as the culprit of data breaches.
Featured Post
Container Inspection: Walking The Security Tightrope For Cloud DevOps
Containers are at the forefront of software development creating a revolution in cloud computing. Developers are opting for containerization at an impressive rate due to its efficiency, flexibility and portability. However, as the usage of containers increases, so should the security surrounding it. With containers comprising of many valuable components it is of the utmost importance that there are no vulnerabilities exposed when developing applications, and risks are mitigated before containers, and their contents, reach the end-user.
Detecting Google Cloud Platform OAuth Token Abuse Using Splunk
In a recent post by the Splunk Threat Research team, we addressed permanent and temporary token/credential abuse in AWS and how to mitigate credential exposure. With 94% of Enterprises using a cloud service, and some using at least five different cloud platforms, it’s imperative to stay ahead of threats across multicloud environments. Let’s now turn our attention to Google Cloud Platform (GCP) and how to detect and mitigate OAuth Token Abuse.
You Can Run, But You Can't Hide: Detecting Malicious Office Documents
Malicious Microsoft Office documents are a popular vehicle for malware distribution. Malware families such as Emotet, IcedID, and Dridex use Office documents as their primary distribution mechanism. Several recent Emotet attacks used a novel approach to sending email baits and hosted the malicious documents in cloud apps to increase their success.
Demo: Netskope Next Gen SWG - Defending against the cloud enabled kill chain
Netskope Next Gen Secure Web Gateway delivers web security from the cloud, protecting cloud services, applications, websites, and data for any user, location, or device.
It's All About Access: Remote Access Statistics for Public Cloud Workloads
“The more things change, the more they stay the same.“ In the recent Equinix breach in September 2020, 74 RDP servers were exposed to the Internet. Any publicly exposed ports are a risk but remote access protocols such as RDP have had their share of critical vulnerabilities (e.g., BlueKeep in 2019).
Securing Cloud Environments: Staying on top of cloud configurations to prevent data leaks.
Securing Cloud Environments: Staying on top of cloud configurations to prevent data leaks with PJ Norris, Senior Systems Engineer. Shares new research Shows common mistakes Offers solutions that help with hardening and compliance in the cloud
Detect Ransomware in Your Data with the Machine Learning Cloud Service
While working with customers over the years, I've noticed a pattern with questions they have around operationalizing machine learning: “How can I use Machine Learning (ML) for threat detection with my data?”, “What are the best practices around model re-training and updates?”, and “Am I going to need to hire a data scientist to support this workflow in my security operations center (SOC)?” Well, we are excited to announce that the SplunkWorks team launched a new add-
The Future of Work: Enabling the Not-so New Normal
At this point in the pandemic, you’re probably tired of everyone referring to remote working as “the new normal.” Large companies like Facebook, Google, and Twitter have already announced that they will be working from home until the end of 2020 at the earliest, or as far out as August 2021. So, if these companies are any indication, we will all still be working from home for the foreseeable future.