Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

When a large data company decided to migrate their systems fully to the cloud, their cybersecurity team knew it would be a challenge. The company’s senior security architect put it succinctly: “Our CTO said, we’re going completely to cloud. Everyone buckle up.” Though the organization had assets in the cloud for many years, the team wasn’t sure they were ready to be 100% in the cloud from a security standpoint.

AI compliance has become a pivotal concern for organizations in a rapidly evolving technological landscape. It is inconceivable to overlook the growing importance of AI compliance, particularly for entities deeply entrenched in AI operations. It involves an intricate intersection of legal, ethical, and regulatory dimensions, emphasizing the need for a cohesive approach to ensure comprehensive AI compliance.

AppSec leaders and security practitioners, rejoice! Automating your security practices using Salt Platform APIs is now easier than ever, empowering developers to integrate APIs quickly and efficiently while helping reduce risk. The newly launched Salt Developer Portal is your one-stop hub for all API security automation needs.

We’ve been talking about digital transformation for years (or even decades?), but the pace of evolution is now being catapulted forward by AI. This rapid change and innovation creates and relies upon exponential data sets. And while technology is rapidly evolving to manage and maintain these massive data sets, legacy pricing models based on data ingest volume are lagging behind, making it economically unsustainable.

Today, we are happy to announce that Cloudflare customers can protect their APIs from broken authentication attacks by validating incoming JSON Web Tokens (JWTs) with API Gateway. Developers and their security teams need to control who can communicate with their APIs. Using API Gateway’s JWT Validation, Cloudflare customers can ensure that their Identity Provider previously validated the user sending the request, and that the user’s authentication tokens have not expired or been tampered with.

We understand that one of the significant hurdles faced by our customers, especially larger organizations, is obtaining a clear view of the deployment of Cloudflare services throughout their vast and complex infrastructures. The question isn't just whether Cloudflare is deployed, but whether it's fully optimized across every asset and service. Addressing this challenge head-on, we're rolling out a new feature set designed to provide better visibility and control over your security posture.

Cloudflare is committed to providing our customers with industry-leading network security solutions. At the same time, we recognize that establishing robust security measures involves identifying potential threats by using processes that may involve scrutinizing sensitive or personal data, which in turn can pose a risk to privacy. As a result, we work hard to balance privacy and security by building privacy-first security solutions that we offer to our customers and use for our own network.

Azure customers are facing the biggest threat to their privileged accounts. A cybersecurity firm has identified the spread of a new phishing campaign aimed at privileged users like sales directors, account managers, finance managers, vice presidents, presidents, chief financial officers, and CEOs. The campaign’s first set of attacks started around November 2023 and is still a looming threat. The good thing is that you can safeguard against and mitigate this attack.