Technology

Security Cloud Considerations for Delivering Security Service Edge (SSE)

Jan 6, 2022 By Mark Day In Netskope

In recent blogs, we’ve explored the role of Security Service Edge (SSE) technologies as part of a SASE architecture, and the key differences between SSE and SASE. But so far, we’ve focused more on overall functionality than on its realization and what SSE means from a cloud design and implementation perspective. In this post, we shift gears to put a spotlight on networking and infrastructure as it relates to security clouds.

Read Post

Netskope

Read more about Security Cloud Considerations for Delivering Security Service Edge (SSE)

What You Should Know About the Rise in AWS S3 Security Data Breaches

Jan 6, 2022 By RiskOptics In RiskOptics

Amazon Web Services (AWS) is a cloud platform designed to meet the growing demand for cloud computing worldwide. AWS provides a set of cloud services such as storage, analytics, blockchain, business applications, security, and machine learning. Within this cloud environment is Amazon Simple Storage Services (S3), a cloud storage solution bringing scalability, data availability, security, and performance to companies of any size through so-called “buckets” or data containers.

Read Post

RiskOptics

Read more about What You Should Know About the Rise in AWS S3 Security Data Breaches

The JNDI Strikes Back - Unauthenticated RCE in H2 Database Console

Jan 6, 2022 By Andrey Polkovnychenko, Shachar Menashe In JFrog

Very recently, the JFrog security research team has disclosed an issue in the H2 database console which was issued a critical CVE – CVE-2021-42392. This issue has the same root cause as the infamous Log4Shell vulnerability in Apache Log4j (JNDI remote class loading). H2 is a very popular open-source Java SQL database offering a lightweight in-memory solution that doesn’t require data to be stored on disk.

Read Post

JFrog

Read more about The JNDI Strikes Back - Unauthenticated RCE in H2 Database Console

Best Practices for Mobile App Security Testing for Developers & Non-Developers

Jan 5, 2022 By Ron Stefanski In Appknox

Mobile application security testing (MAST) covers a wide range of topics, including authentication, authorization, data security, session management, and vulnerabilities for hacking. The mobile AST market is made up of buyers and sellers of products that identify vulnerabilities and apps used with mobile platforms during or post-development.

Read Post

Appknox

Read more about Best Practices for Mobile App Security Testing for Developers & Non-Developers

Secure DevOps on Microsoft Azure: Reduce Cloud & Container Risk

Jan 5, 2022 By Durgesh Shukla In Sysdig

Microsoft Azure is a great choice for enterprises looking to quickly build and deploy apps to the cloud. However, cloud teams must simultaneously consider how to implement DevSecOps practices to reduce, manage and avoid risks. Sysdig is collaborating with Microsoft to simplify cloud and container security and deliver robust SaaS-based solutions for the Azure ecosystem.

Read Post

Sysdig

Read more about Secure DevOps on Microsoft Azure: Reduce Cloud & Container Risk

Azure Penetration Testing | How to Stay Safe

Jan 4, 2022 By Cyphere In Cyphere

Azure Penetration Testing is a process that can be done to find vulnerabilities in the Azure environment. In this video, I will show you how to stay safe by finding and mitigating these vulnerabilities before attackers do! Cyphere is a UK-based cyber security services provider helping organisations to secure their most prized assets. We provide technical risk assessment (pen testing/ethical hacking) and managed security services. This advice is a true third party opinion, free from any vendor inclinations or reselling objectives.

View Video

Cyphere

Read more about Azure Penetration Testing | How to Stay Safe

Merge Results from Two Data Sets

Jan 4, 2022 By Netskope In Netskope

Pull data from two different data sets and show in a single visualization. Netskope, the SASE leader, safely and quickly connects users directly to the internet, any application, and their infrastructure from any device, on or off the network. With CASB, SWG, and ZTNA built natively in a single platform, Netskope is fast everywhere, data-centric, and cloud smart, all while enabling good digital citizenship and providing a lower total-cost-of-ownership.

View Video

Netskope

Read more about Merge Results from Two Data Sets

Top Security Risks of Cloud Computing & How to Avoid Them

Jan 4, 2022 By RiskOptics In RiskOptics

The need for versatile and affordable solutions for storing and processing data in enterprises makes cloud computing an increasingly attractive IT strategy. Cloud computing provides flexible and easy-to-use solutions. It can also be more cost-effective than traditional storage methods that require a physical server and hardware at your corporate premises, which is one of the reasons why businesses often make the switch.

Read Post

RiskOptics

Read more about Top Security Risks of Cloud Computing & How to Avoid Them

AlgoSec API Swagger

Jan 4, 2022 By AlgoSec In AlgoSec

On premise and in the cloud, AlgoSec simplifies and automates network security policy management to make your enterprise more agile, more secure and more compliant – all the time. The AlgoSec platform provides a set of Swagger API documentation, available right from the platform itself. Swagger enables you to execute API request calls and access lists of requested parameters.

View Video

AlgoSec

Read more about AlgoSec API Swagger

What to consider when assessing a CASB with Aaron Cockerill

Jan 3, 2022 By Lookout In Lookout

All roads lead to Cloud Access Security Broker (CASB). Gartner found CASB to be the fastest-growing cyber security segment, with investment increasing by 41.2% (2021 CIO Agenda Survey). It's no surprise, as security teams turn to CASB to solve new cloud service-related challenges that legacy security solutions cannot address.

View Video