In today’s fast-paced digital landscape, cloud computing has become an indispensable asset for organizations seeking agility, scalability, and cost-efficiency. However, as businesses embrace the cloud, they must also navigate the intricate challenges of managing and securing their cloud environments. This is where the concept of cloud governance comes into play, serving as a crucial framework for establishing control, ensuring compliance, and optimizing resource utilization.

The Impersonate a client after authentication Windows security setting allows a program or service to act on behalf of a user after the user has logged in. This is essential to the running of many applications, from printing and accessing user files in web applications, to the systems service control manager. This ability to temporarily act as another user is also known as impersonation and the application must have the correct security configuration in order to do so.

On August 7th, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) issued an update to an existing advisory (AA23-061A) highlighting new TTPs being leveraged by the recently rebranded “Royal” ransomware gang – now known as BlackSuit. Detailed information about this threat and the associated IOCs and TTPs can be seen on #StopRansomware: Blacksuit (Royal) Ransomware.

Elastic Security 8.15 is now available, enhancing our mission to modernize security operations with AI-driven security analytics. Key features include the brand new Automatic Import to streamline data ingestion and onboarding, support for Google’s Gemini 1.5 Pro and Flash large language models (LLMs), a new set of APIs for the Elastic AI Assistant, on-demand file scans for the Elastic Defend integration, and a redesigned way of pivoting between different contexts.

This week, the National Institute for Standards and Technology (NIST) released “Implementing a Zero Trust Architecture (NIST SP 1800-35)” for public comment. The guide is written by NIST’s National Cybersecurity Center of Excellence (NCCoE) in collaboration with 24 cybersecurity companies. Now in its fourth draft, NCCoE has opened up comments for this Zero Trust Architecture (ZTA) guide through Sept. 30, 2024, as part of a 60-day review cycle.

With remote work, bring-your-own-device, and shadow IT apps becoming commonplace, the number of unsanctioned apps and untrusted devices is rapidly climbing. And cybersecurity and IT leaders have been stuck with tools that only secured access to some applications, some devices, and some people, creating an Access-Trust Gap.