Technology

Cloud security updates you need to know from re:Invent 2022

Dec 21, 2022 By Shilpi Bhattacharjee, Ashish Rajan In Snyk

After a two-year hiatus (virtual in 2020 and hybrid in 2021), AWS re:Invent was back in person this year in its full glory. Over 52,000 people attended — more than we saw at RSA (26,000) and Blackhat USA (21,000) combined this year.

Read Post

Snyk

Read more about Cloud security updates you need to know from re:Invent 2022

Arctic Wolf Labs Named Open-Source Tool Creator of the Year by SANS Institute

Dec 21, 2022 By Arctic Wolf Labs In Arctic Wolf

“It’s about doing good and doing it exceedingly well.” This was how Daniel Thanos, Head of Arctic Wolf Labs, described the work of Arctic Wolf Labs when accepting the award for Open-Source Tool Creator of the Year, as voted by the SANS Insitute community at the 2022 Difference Makers Awards. This prestigious awards program “honors individuals and teams in the cyber security community who have made a measurable and significant difference in security.”

Read Post

Arctic Wolf

Read more about Arctic Wolf Labs Named Open-Source Tool Creator of the Year by SANS Institute

Secure your application development with AWS and Mend

Dec 21, 2022 By Mend In Mend

Mend, formerly known as WhiteSource, effortlessly secures what developers create. Mend uniquely removes the burden of application security, allowing development teams to deliver quality, secure code, faster. With a proven track record of successfully meeting complex and large-scale application security needs, the world’s most demanding software developers rely on Mend. The company has more than 1,000 customers, including 25 percent of the Fortune 100, and manages Renovate, the open source automated dependency update project.

View Video

Mend

Read more about Secure your application development with AWS and Mend

Sysdig Secure and Google Security Command center Integration - Why, What, How

Dec 21, 2022 By Durgesh Shukla In Sysdig

Sysdig is a premier Google Cloud Platform (GCP) partner and has been working with Google towards the common goal of supporting our customers and securing their cloud journey for the last seven years. Sysdig is focused on securing and monitoring workloads running on Google Cloud – including Google Kubernetes Engine (GKE), Autopilot, Anthos, and more. All these various elements of GCP can be protected using Google Security Command Center. Learn more about how to enhance your GCP security.

Read Post

Sysdig

Read more about Sysdig Secure and Google Security Command center Integration - Why, What, How

Panel recap: Breaking Bad Security Habits with Corey Quinn

Dec 20, 2022 By Erin Cullen In Snyk

On December 8th, Clinton Herget and Simon Maple, Field CTOs at Snyk, had the opportunity to chat with Corey Quinn, Chief Cloud Economist at The Duckbill Group, podcast host, curator of “Last Week in AWS”, and snarky Twitter personality. Their conversation took a lot of fun turns, from ranting about the hour-long line to get coffee at AWS re:Invent, to Corey proclaiming that “SBOMs are a fantasy” (there’s more context to that… keep reading).

Read Post

Snyk

Read more about Panel recap: Breaking Bad Security Habits with Corey Quinn

ChatGPT: Emerging AI Threat Landscape

Dec 20, 2022 By Trustwave In Trustwave

ChatGPT has been available to the public since November 30, 2022. Since then, it has made headlines – from being temporarily banned from Stack Overflow because, “while the answers ChatGPT produces have a high rate of being incorrect, they typically look like they might be good, and the answers are very easy to produce,” .

Read Post

Trustwave

Read more about ChatGPT: Emerging AI Threat Landscape

Building a resilient IT infrastructure: Where do enterprises start?

Dec 19, 2022 By PAM360 In ManageEngine

The shift towards hybrid work models has expanded the perimeters of work, adding to the burden on IT teams as they fight to stay resilient in the face of increased attack surfaces. All it takes for an invasion into an enterprise’s IT infrastructure is one compromised identity. So, what are enterprise identities? These are the user names, passwords, networks, endpoints, applications, etc., that act as gateways to business-sensitive information.

Read Post

ManageEngine

Read more about Building a resilient IT infrastructure: Where do enterprises start?

Cloud Native Security - A Complete Overview

Dec 19, 2022 By Cyber Security Journal In SSL2BUY

As the need for a new security strategy grows, we use cloud-native security platforms (CNSP). Cloud services like containers, serverless security, platform as a service (PaaS), and microservices are the building blocks of cloud-native architectures. Because these services are loosely coupled- that is, they are not hardwired to any infrastructure components developers can frequently make changes without harming other parts of the application or other team members’ projects.

Read Post

SSL2BUY

Read more about Cloud Native Security - A Complete Overview

CrowdStrike Cloud Infrastructure Entitlement Management (CIEM)

Dec 19, 2022 By CrowdStrike In CrowdStrike

Identity theft and overly permissive accounts are major challenges faced by organizations in public and hybrid cloud environments. Learn how CrowdStrike Cloud Identity and Entitlement Management (CIEM) can increase the security of your cloud infrastructure while simplifying management across clouds.

View Video

CrowdStrike

Read more about CrowdStrike Cloud Infrastructure Entitlement Management (CIEM)

Cloud Threats Memo: State-sponsored Threat Actors Continue to Abuse Legitimate Cloud Services

Dec 19, 2022 By Paolo Passeri In Netskope

Threat actors exploiting cloud services are keeping me very busy in these final days of this troubled 2022. The main character of this Cloud Threats Memo is MuddyWater (also known as Earth Vetala, MERCURY, Static Kitten, Seedworm, and TEMP.Zagros), one of the most prolific cyber espionage groups, active since at least 2017, and believed to be a subordinate element within Iran’s Ministry of Intelligence and Security (MOIS).

Read Post