Technology

Detecting Google Cloud Platform OAuth Token Abuse Using Splunk

Oct 9, 2020 By Rod Soto In Splunk

In a recent post by the Splunk Threat Research team, we addressed permanent and temporary token/credential abuse in AWS and how to mitigate credential exposure. With 94% of Enterprises using a cloud service, and some using at least five different cloud platforms, it’s imperative to stay ahead of threats across multicloud environments. Let’s now turn our attention to Google Cloud Platform (GCP) and how to detect and mitigate OAuth Token Abuse.

Read Post

Splunk

Read more about Detecting Google Cloud Platform OAuth Token Abuse Using Splunk

10 AWS Best Security Practices Guide

Oct 9, 2020 By Outpost 24

More and more companies choose to migrate to a Cloud infrastructure to take advantage of new resources, an elastic storage power and agile deployment, nevertheless IT professionals are not always trained to secure these new technologies. Like traditional infrastructures, a public Cloud infrastructure services requires the implementation of security measures and controls by their users. Enterprises must adapt their security policy to these new technologies to reap the Cloud benefits without increasing their cyberattacks exposure area.

Get Guide

Outpost 24

Read more about 10 AWS Best Security Practices Guide

You Can Run, But You Can't Hide: Detecting Malicious Office Documents

Oct 8, 2020 By Ghanashyam Satpathy In Netskope

Malicious Microsoft Office documents are a popular vehicle for malware distribution. Malware families such as Emotet, IcedID, and Dridex use Office documents as their primary distribution mechanism. Several recent Emotet attacks used a novel approach to sending email baits and hosted the malicious documents in cloud apps to increase their success.

Read Post

Netskope

Read more about You Can Run, But You Can't Hide: Detecting Malicious Office Documents

Eclipse SW360: Main Features

Oct 8, 2020 By Guy Bar-Gil In Mend

Over five years ago, Adrian Bridgwater wrote a Forbes article pronouncing that “If Software Is Eating The World, Then Open Source Will Chew It Up (And Swallow).” That statement is just as true today. Open source components have become a basic building block for software developers, providing them with ready-made solutions from a vast community that help them keep up with today’s speedy and frequent release cycles.

Read Post

Mend

Read more about Eclipse SW360: Main Features

Demo: Netskope Next Gen SWG - Defending against the cloud enabled kill chain

Oct 7, 2020 By Netskope In Netskope

Netskope Next Gen Secure Web Gateway delivers web security from the cloud, protecting cloud services, applications, websites, and data for any user, location, or device.

View Video

Netskope

Read more about Demo: Netskope Next Gen SWG - Defending against the cloud enabled kill chain

It's All About Access: Remote Access Statistics for Public Cloud Workloads

Oct 6, 2020 By Jenko Hwong In Netskope

“The more things change, the more they stay the same.“ In the recent Equinix breach in September 2020, 74 RDP servers were exposed to the Internet. Any publicly exposed ports are a risk but remote access protocols such as RDP have had their share of critical vulnerabilities (e.g., BlueKeep in 2019).

Read Post

Netskope

Read more about It's All About Access: Remote Access Statistics for Public Cloud Workloads

Detect Ransomware in Your Data with the Machine Learning Cloud Service

Oct 5, 2020 By Anthony Tellez In Splunk

While working with customers over the years, I've noticed a pattern with questions they have around operationalizing machine learning: “How can I use Machine Learning (ML) for threat detection with my data?”, “What are the best practices around model re-training and updates?”, and “Am I going to need to hire a data scientist to support this workflow in my security operations center (SOC)?” Well, we are excited to announce that the SplunkWorks team launched a new add-

Read Post

Splunk

Read more about Detect Ransomware in Your Data with the Machine Learning Cloud Service

Securing Cloud Environments: Staying on top of cloud configurations to prevent data leaks.

Oct 5, 2020 By Tripwire In Tripwire

Securing Cloud Environments: Staying on top of cloud configurations to prevent data leaks with PJ Norris, Senior Systems Engineer. Shares new research Shows common mistakes Offers solutions that help with hardening and compliance in the cloud

View Video

Tripwire

Read more about Securing Cloud Environments: Staying on top of cloud configurations to prevent data leaks.

96% of Organizations Use Open Source Libraries but Less Than 50% Manage Their Library Security Flaws

Oct 1, 2020 By Hope Goslin In Veracode

Most modern codebases are dependent on open source libraries. In fact, a recent research report sponsored by Veracode and conducted by Enterprise Strategy Group (ESG) found that more than 96 percent of organizations use open source libraries in their codebase. But – shockingly – less than half of these organizations have invested in specific security controls to scan for open source vulnerabilities.

Read Post

Veracode

Read more about 96% of Organizations Use Open Source Libraries but Less Than 50% Manage Their Library Security Flaws

What Are Cloud Leaks?

Oct 1, 2020 By UpGuard Team In UpGuard

It seems like every day there’s a new incident of customer data exposure. Credit card and bank account numbers; medical records; personally identifiable information (PII) such as address, phone number, or SSN— just about every aspect of social interaction has an informational counterpart, and the social access this information provides to third parties gives many people the feeling that their privacy has been severely violated when it’s exposed.

Read Post