Technology

Zero trust in the cloud: Best practices and potential pitfalls

Oct 25, 2022 By Ratan Tipirneni In Tigera

Architecturally speaking, cloud-native applications are broken down into smaller components that are highly dynamic, distributed, and ephemeral. Because each of these components is communicating with other components inside or outside the cluster, this architecture introduces new attack vectors that are difficult to protect against using a traditional perimeter-based approach.

Read Post

Tigera

Read more about Zero trust in the cloud: Best practices and potential pitfalls

JFrog's Advanced Security Scanners Discovered Thousands of Publicly Exposed API Tokens - And They're Active

Oct 20, 2022 By The JFrog Security Research Team In JFrog

The JFrog Security Research team released the findings of a recent investigation wherein they uncovered thousands of publicly exposed, active API tokens. This was accomplished while the team tested the new Secrets Detection feature in the company’s JFrog Advanced Security solution, part of JFrog Xray.

Read Post

JFrog

Read more about JFrog's Advanced Security Scanners Discovered Thousands of Publicly Exposed API Tokens - And They're Active

How to make a mock API server in JavaScript

Oct 20, 2022 By Brian Clark In Snyk

Developing and testing a frontend feature can be difficult, especially when the backend it depends on is not ready. This dependency on a backend API often slows down the development process. In scenarios like this, developing a mock API can save you a lot of time by allowing you to develop your feature independent of the backend, and make it easier to test and identify scenarios where your API might fail before it is ready.

Read Post

Snyk

Read more about How to make a mock API server in JavaScript

Rubrik and GraphQL - Episode 6 - Using the Rubrik API Code Capture Extension

Oct 20, 2022 By Rubrik In Rubrik

Now that we understand how to form and execute our GraphQL calls, many have reached out asking how to automate certain tasks that are performed within the Rubrik Security Cloud UI. In this episode, I'll introduce you to the Rubrik API Code Capture extension for Chrome. If you know how to accomplish something within the UI, the Code Capture extension will show you the exact API call you need, including the query name and formation of the payload that you are sending! It's super easy to use and can save you a ton of time digging through documentation!

View Video

Rubrik

Read more about Rubrik and GraphQL - Episode 6 - Using the Rubrik API Code Capture Extension

What is Security Service Edge (SSE)

Oct 20, 2022 By Netskope In Netskope

What is Security Service Edge (SSE)? Why are legacy security architectures no longer effective? Clear up the confusion and learn about this emerging category that helps improve user experience and security with help from Netskope's Vice President and Chief Evangelist, Bob Gilbert. Intelligent SSE from Netskope is redefining cloud, network, data security.

View Video

Netskope

Read more about What is Security Service Edge (SSE)

Securing your Cloud Infrastructure with Teleport and AWS IAM

Oct 20, 2022 By Teleport In Teleport

Watch this webinar to learn about the challenges in securely delegating access to your AWS resources. Specific topics covered include.

View Video

Teleport

Read more about Securing your Cloud Infrastructure with Teleport and AWS IAM

Cloud security fundamentals part 3: Empower your developers

Oct 20, 2022 By Megan Moore In Snyk

In our previous blog breaking down The 5 Fundamentals of Cloud Security, we looked at the value of prevention and secure design. Mapping resource relationships and enforcing security guardrails throughout development helps greatly reduce an available attack surface. But who will enforce these guardrails when your security team is busy with other work? This should be where developers are able to step in. So let’s look at another vital element in cloud security: empowering developers.

Read Post

Snyk

Read more about Cloud security fundamentals part 3: Empower your developers

Add security context to observability data with Datadog Cloud Security Management

Oct 19, 2022 By Mallory Mooney In Datadog

Organizations are rapidly migrating their infrastructure to the cloud, enabling them to modernize their applications and deliver more value to their customers. But this transition creates significant security risks that they may be unable to keep pace with. For example, cyber attacks on cloud resources are becoming more sophisticated and prevalent. Additionally, organizations often rely on legacy, disjointed security tools that don’t integrate well with cloud-native infrastructure.

Read Post

Datadog

Read more about Add security context to observability data with Datadog Cloud Security Management

Alarming attacks on Internet of Medical Things (IoMT)

Oct 19, 2022 By Jill Rabach In AT&T Cybersecurity

The impact of ransomware attacks on healthcare is as alarming as it is under-addressed. The United States healthcare system alone faces an annual burden of nearly $21 billion due to these attacks. It pays well over $100 million in ransoms, and is beginning to acknowledge the tragic realities of impacted patient care, including higher patient mortality rates. For every headline related to cyberattacks, there are likely hundreds more that go unreported.

Read Post