Over the past few years, software supply chain security has been top of mind for governments and businesses alike. Following Log4Shell in late 2021, the Biden administration’s National Cybersecurity Strategy started focusing on open source supply chain security. The National Security Agency (NSA) recently released new guidance on securing open source software supply chains.

The same security scenarios are checked thoroughly. Privilege escalation, SQL injection, Port scanning and so on. These checks form the bedrock of defensive security, but as solutions become more complex, so too must our capability to detect complex scenarios. Let’s explore a very complex use case, that ties together multiple Coralogix features, and showcases the power of Coralogix, not just in detecting the simple stuff, but in tracking the most complex scenarios in modern security.

Organizations are adopting Google Cloud at a growing rate. This growth is partially influenced by both the rise of AI computing and a push towards multi-cloud usage. A recent report found that 85 percent of organizations deploy their applications on multi-cloud architecture. With the shift to AI computing and multi-cloud adoption, organizations are reconsidering their cloud security coverage now more than ever.

In February 2024, Lookout discovered an advanced phishing kit targeting the Federal Communications Commission (FCC), along with several cryptocurrency platforms. While most people think of email as the realm of phishing attacks, this threat actor — known as CryptoChameleon — used the phishing kit to build a carbon copies of single sign-on (SSO) pages, then used a combination of email, SMS, and voice phishing to target mobile device users.

In the rapidly advancing realm of cloud-native security, Data Security Posture Management (DSPM) emerges as a critical framework, ensuring organizations maintain robust control over their data assets. As cloud environments evolve, understanding and implementing DSPM becomes vital for better securing data defenses. In this blog post, we'll delve into the basics of DSPM, its significance in cloud-native security and how Panoptica approaches DSPM within its CNAPP solution.

In today’s cloud-native world, systems are usually accessed by users from multiple devices and in various geographic locations. Anyone who has tried to operationalize an impossible travel type alert for cloud resources will understand the myriad nuances and gotchas involved in such an endeavor. A user may be accessing a cloud resource from a mobile device that is tied to a carrier network well away from their normal geographic location.

As businesses embrace remote work and the transformation to the cloud, the need for robust identity management is key. But what exactly is cloud identity management, and why is it critical? Essentially, cloud identity management orchestrates identity and access management (IAM) in cloud environments and supports the shifting of authentication and authorization processes to the cloud.