Cloud security

The cloud offers improved efficiency, flexibility and scalability, but its benefits can be reversed if security isn't top of mind. Read cloud security best practices, including tips on data protection and IaaS, PaaS and SaaS security, as well as cloud-specific tools and services such as CASBs, CWPPs and CSPM.

Top Stories

News 02 Dec 2024
AWS launches automated service for incident response

AWS Security Incident Response, which launched ahead of the re:Invent 2024 conference this week, can automatically triage and remediate events detected in Amazon GuardDuty. Continue Reading
By
- Rob Wright, Senior News Director
Tip 26 Nov 2024
Microsoft Teams monitoring tips for admins

Learn how to use PowerShell to set up an automated way to check for suspicious activity in the Microsoft chat service to avoid security and compliance issues. Continue Reading
By
- Liam Cleary, SharePlicity

News 26 Nov 2024
AWS CISO details automated cybersecurity tools for customers

Chris Betz, CISO at AWS, discusses how three internal tools are designed to automatically identify and mitigate threats for the cloud giant's customers. Continue Reading
By
- Rob Wright, Senior News Director
News 19 Nov 2024
Microsoft to offer hackers millions in Zero Day Quest event

Microsoft launched Zero Day Quest on Tuesday with a preliminary event offering bug bounty researchers rewards with multipliers for select security scenarios. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 18 Nov 2024
What is public cloud? A definition and in-depth guide

A public cloud is a third-party managed platform that uses the standard cloud computing model to make resources, applications and services available on demand to remote users around the world. Continue Reading
By
- Stephen J. Bigelow, Senior Technology Editor
- Kathleen Casey, Site Editor
- Ron Karjian, Industry Editor
News 15 Nov 2024
MFA required for AWS Organizations member accounts in 2025

AWS is one of several cloud providers that will implement MFA requirements over the next year, with other relevant names including Google Cloud and Microsoft Azure. Continue Reading
By
- Alexander Culafi, Senior News Writer
Answer 14 Nov 2024
8 ways enterprises can enhance object storage security

Object storage is a popular method for storing data, so security is critical. Access is a big piece, extending across several of the eight security best practices here. Continue Reading
By
- Paul Kirvan
Podcast 14 Nov 2024
CEO: GenAI changes multi-cloud security, network equation

Aviatrix CEO Doug Merritt sees generative AI apps forcing a more distributed approach to cloud infrastructure, but he believes it will also help SecOps catch up with threats. Continue Reading
By
- Beth Pariseau, Senior News Writer
Feature 08 Nov 2024
Top data protection software platforms of 2025 for business

Data privacy laws, sophisticated cyberattacks and generative AI's infiltration make it imperative to invest in multifunctional data protection software, but what tools are tops? Continue Reading
By
- Chris Tozzi
Conference Coverage 08 Nov 2024
Microsoft Ignite 2024 conference coverage

Bookmark this guide and check back regularly to see all the news and analysis related to the latest innovations launching at this year's Microsoft Ignite show. Continue Reading
By
- Tom Walat, Site Editor
Tip 07 Nov 2024
How to create an enterprise cloud security budget

As companies migrate more sensitive data and resources into the cloud, it's important to deploy relevant security tools and processes, while staying within budget. Continue Reading
By
- Dave Shackleford, Voodoo Security
Feature 07 Nov 2024
15 IAM interview questions to prep for your next career move

The job market for identity and access management positions is strong right now, but the competition could be tough. Use these 15 questions to guide your interview prep. Continue Reading
By
- Kathleen Richards
News 05 Nov 2024
Canadian authorities arrest alleged Snowflake hacker

Alexander Moucka was arrested last week and is expected to appear in court Tuesday for allegedly breaching dozens of Snowflake customers. Continue Reading
By
- Arielle Waldman, News Writer
Feature 01 Nov 2024
The future of cloud computing: Top trends and predictions

Expect GenAI, IoT, cloud-native, edge computing, power-hungry data centers, data-hungry LLMs, FinOps and privacy laws to shape public cloud's future as a viable service model. Continue Reading
By
- George Lawton
Feature 29 Oct 2024
10 key characteristics of cloud computing

Evaluate how these 10 characteristics of cloud computing, such as on-demand self-service and broad network access, can help you become a more nimble and cost-effective business. Continue Reading
By
- Kathleen Casey, Site Editor
Opinion 28 Oct 2024
Omnissa-CrowdStrike union reunites management and security

Organizations have growing security and management needs, so partnerships between vendors such as the Omnissa-CrowdStrike partnership provide necessary synergy for IT staff. Continue Reading
By
- Gabe Knuth, Senior Analyst
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Feature 24 Oct 2024
AI in cloud computing: Benefits and concerns

Businesses see public cloud as the primary vehicle for delivering generative AI's benefits in productivity, operational efficiency and workflow automation, but challenges remain. Continue Reading
By
- Kathleen Richards
News 24 Oct 2024
AWS CDK security issue could lead to account takeovers

Aqua Security researchers discovered AWS Cloud Development Kit is susceptible to an attack vector the vendor refers to as 'shadows resources,' which can put accounts at risk. Continue Reading
By
- Rob Wright, Senior News Director
News 21 Oct 2024
Study outlines 'severe' security issues in cloud providers

Possible security issues involving cloud systems should be taken seriously, as the paper noted the five vendors outlined are responsible for more than 22 million users. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 17 Oct 2024
HashiCorp Vault scalability updates target big enterprises

HashiCorp Vault 1.18 updates make it more suited to large companies, which the vendor is courting with a lighter cloud migration push than with Terraform. Continue Reading
By
- Beth Pariseau, Senior News Writer
News 17 Oct 2024
HashiCorp CTO talks AI strategy, Ansible tie-ins, FedRAMP

In a Q&A to wrap up HashiConf, the company's co-founder and CTO gave his outlook on HashiCorp's approach to AI, configuration management and cloud compliance. Continue Reading
By
- Beth Pariseau, Senior News Writer
Tip 11 Oct 2024
Cloud licensing explained: What businesses need to know

Businesses vacating the premises and setting up their data and applications in a distributed environment must consider cloud licensing's options, advantages and disadvantages. Continue Reading
By
- Andy Patrizio
News 09 Oct 2024
Ivanti zero-day vulnerabilities exploited in chained attack

The new exploit chains targeting Ivanti Cloud Service Application customers are connected to a previously disclosed critical path traversal flaw, CVE-2024-8963. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 08 Oct 2024
How to plan a cloud strategy: Complete guide and template

A cloud strategy document is a mission statement, not a design document. It should capture the what and why of a company's cloud strategy, without delving into the minutiae of how. Continue Reading
By
- Stephen J. Bigelow, Senior Technology Editor
Opinion 01 Oct 2024
Research reveals strategies to improve cloud-native security

As organizations focus on the cloud to deliver and scale applications, security teams struggle to keep up. Recent research points to how teams can effectively manage cloud security risk. Continue Reading
By
- Melinda Marks, Practice Director
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Definition 27 Sep 2024
What is a cloud access security broker (CASB)?

A cloud access security broker (CASB) is a software tool or service that sits between an organization's on-premises infrastructure and a cloud provider's infrastructure. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
- Dan Sullivan
Tip 23 Sep 2024
ASPM vs. ASOC: How do they differ?

Application security posture management and application security orchestration and correlation tools both aim to secure applications but use different methodologies. Continue Reading
By
- Dave Shackleford, Voodoo Security
Definition 04 Sep 2024
What is a cloud architect and how do you become one?

A cloud architect is an IT professional who is responsible for overseeing a company's cloud computing strategy. Continue Reading
By
- Kinza Yasar, Technical Writer
- Ben Lutkevich, Site Editor
- Nicholas Rando, TechTarget
Tip 04 Sep 2024
Microsoft Purview Audit helps IT flush out bad behavior

The auditing tool gives enterprises a way to find problems by examining logs from Microsoft 365 cloud services, such as Exchange Online, to see what actions were taken and where. Continue Reading
By
- Adam Fowler
Definition 20 Aug 2024
What is cloud detection and response (CDR)?

Cloud computing requires a security approach that is different than traditional protections. Where does cloud detection and response fit into a cybersecurity strategy? Continue Reading
By
- Michael Levan
Tip 19 Aug 2024
Too many cloud security tools? Time for consolidation

Does your organization need every cloud security platform and service currently in use? Tool consolidation can reduce the chances of coverage gaps and increase security. Continue Reading
By
- Dave Shackleford, Voodoo Security
News 19 Aug 2024
Microsoft to roll out mandatory MFA for Azure

Following several high-profile attacks across the globe on MFA-less accounts, Microsoft will make the security measure mandatory for Azure sign-ins beginning in October. Continue Reading
By
- Arielle Waldman, News Writer
News 08 Aug 2024
Wiz researchers hacked into leading AI infrastructure providers

During Black Hat USA 2024, Wiz researchers discussed how they were able to infiltrate leading AI service providers and access confidential data and models across the platforms. Continue Reading
By
- Arielle Waldman, News Writer
News 07 Aug 2024
Researchers unveil AWS vulnerabilities, 'shadow resource' vector

During a Black Hat USA 2024 session, Aqua Security researchers demonstrated how they discovered six cloud vulnerabilities in AWS services and a new attack vector. Continue Reading
By
- Rob Wright, Senior News Director
Opinion 06 Aug 2024
Highlights from CloudNativeSecurityCon 2024

This year's Cloud Native Computing Foundation CloudNativeSecurityCon highlighted cloud-native security issues to its many attendees who don't hold security-focused roles. Continue Reading
By
- Melinda Marks, Practice Director
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Tip 06 Aug 2024
How to protect against cloud DDoS attacks

Cloud DDoS protection enables companies to detect and mitigate DDoS attacks before they cause significant downtime, infrastructure issues and potential business losses. Continue Reading
By
- Dave Shackleford, Voodoo Security
News 31 Jul 2024
Microsoft confirms DDoS attack disrupted cloud services

Microsoft suffered a DDoS attack on Tuesday that caused massive outages for customers around the world. Continue Reading
By
- Arielle Waldman, News Writer
Feature 29 Jul 2024
8 blockchain-as-a-service providers to have on your radar

You don't have to build your blockchain project from the ground up. These cloud-based service providers can provide the necessary infrastructure, networking and development tools. Continue Reading
By
- Christine Campbell, The Alpha Content Company
- Tony Kontzer
Definition 26 Jul 2024
What is malware? Prevention, detection and how attacks work

Malware, or malicious software, is any program or file that's intentionally harmful to a computer, network or server. Continue Reading
By
- Kinza Yasar, Technical Writer
- Ben Lutkevich, Site Editor
Tip 22 Jul 2024
8 cloud detection and response use cases

Unsure whether cloud detection and response is useful for your organization? These eight use cases could make CDR indispensable. Continue Reading
By
- Dave Shackleford, Voodoo Security
Tip 22 Jul 2024
Cloud detection and response: CDR vs. EDR vs. NDR vs. XDR

Cloud detection and response is the latest detection and response tool. Explore how it differs from endpoint, network and extended detection and response tools. Continue Reading
By
- Dave Shackleford, Voodoo Security
News 18 Jul 2024
Amazon CISO discusses the company's cautious approach to AI

At the recent AWS re:Inforce 2024 conference, Amazon CISO CJ Moses spoke about the risks and threats associated with new AI technology and how the cloud giant addresses them. Continue Reading
By
- Rob Wright, Senior News Director
Tip 18 Jul 2024
How to conduct a cloud security assessment

Cloud computing presents organizations of all types with a nearly endless array of security challenges. Is your security team keeping up – and how do you know? Continue Reading
By
- Dave Shackleford, Voodoo Security
Answer 11 Jul 2024
CASB vs. SASE: What's the difference?

CASB and SASE enhance network and SaaS application security. CASB acts as a security layer for cloud services, while SASE integrates networking and security into one framework. Continue Reading
By
- Evgeniy Kharam, EK Cyber and Media Consulting
- Dmitry Raidman, Cybeats & Security Architecture Podcast
Definition 05 Jul 2024
What is a cyber attack? How they work and how to stop them

A cyber attack is any malicious attempt to gain unauthorized access to a computer, computing system or computer network with the intent to cause damage. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
- Mary K. Pratt
Feature 03 Jul 2024
RSA security conference video roundup: 2024 perspectives

We chatted on camera with attendees and presenters at RSAC 2024. To get the highlights of one of the world's major cybersecurity conferences, check out this video collection. Continue Reading
By
- Brenda L. Horrigan, Executive Managing Editor
Tip 02 Jul 2024
How to secure Azure Functions with Entra ID

Centralized identity management is vital to the protection of your organization's resources. Do you know how to secure Azure Functions with Entra ID to optimize data security? Continue Reading
By
- Liam Cleary, SharePlicity
Opinion 21 Jun 2024
AWS makes strong case for its security advantages at re:Inforce

At re:Inforce 2024, AWS shared details of its secure-by-design measures to protect customer data. Continue Reading
By
- David Vance
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Feature 17 Jun 2024
CASB vs. CSPM vs. CWPP: Comparing cloud security tool types

Let's break down some cloud security alphabet soup. CASB, CSPM and CWPP overlap to an extent, but you'll want to pay close attention to how they accomplish different things. Continue Reading
By
- Amy Larsen DeCarlo, GlobalData
Definition 13 Jun 2024
cloud security

Cloud security, also known as 'cloud computing security,' is a set of policies, practices and controls deployed to protect cloud-based data, applications and infrastructure from cyberattacks and cyberthreats. Continue Reading
By
- Kinza Yasar, Technical Writer
- Andrew Froehlich, West Gate Networks
- Sharon Shea, Executive Editor
News 12 Jun 2024
AWS touts security culture, AI protections at re:Inforce 2024

AWS executives highlighted the company's longstanding security, which evoked comparisons to its chief cloud rival Microsoft and the recent Cyber Safety Review Board report. Continue Reading
By
- Rob Wright, Senior News Director
Tip 12 Jun 2024
The 10 best cloud security certifications for IT pros in 2024

Certifications can help security pros prove their baseline knowledge of infosec topics. Consider adding these top cloud security certifications to your arsenal. Continue Reading
By
- Sharon Shea, Executive Editor
Tip 11 Jun 2024
SASE vs. SSE: Explaining the differences

Most security professionals are familiar with secure access service edge, but now, there's a new tool for administrators to consider: security service edge. Continue Reading
By
- Dave Shackleford, Voodoo Security
News 10 Jun 2024
Mandiant: 'Exposed credentials' led to Snowflake attacks

According to new threat research, Mandiant is reporting that UNC5537 conducted attacks against Snowflake database customers at least as early as April 14. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 10 Jun 2024
8 SaaS security best practices for 2024

SaaS has become ubiquitous. To secure it, take steps to inventory SaaS usage, securely authenticate usage, encrypt data, adopt single sign-on and more. Continue Reading
By
- Ed Moyle, Drake Software
Podcast 05 Jun 2024
Risk & Repeat: Sorting out Snowflake's security mess

This podcast episode discusses the recent attacks against Snowflake customers and a controversial report that claimed the cloud storage and analytics giant had been breached. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 05 Jun 2024
What is a cloud security framework? A complete guide

With so many apps and data residing in cloud, employing a security framework to help protect cloud infrastructure is an essential move for an organization. Continue Reading
By
- Ed Moyle, Drake Software
Tip 05 Jun 2024
Cloud security automation: Benefits and best practices

Automating security in the cloud can be invaluable for threat detection and mitigation. Explore key areas where security professionals should implement automation. Continue Reading
By
- Dave Shackleford, Voodoo Security
News 04 Jun 2024
Tenable warns of vulnerability in Azure service tags

Microsoft disagreed with Tenable's assessment, saying the security issue in Azure service tags is not a vulnerability and that additional authentication layers are required. Continue Reading
By
- Alexander Culafi, Senior News Writer
Feature 04 Jun 2024
What is cloud security management? A strategic guide

This cloud security guide explains challenges enterprises face today; best practices for securing and managing SaaS, IaaS and PaaS; and comparisons of cloud-native security tools. Continue Reading
By
- Phil Sweeney, Industry Editor
- Stephen J. Bigelow, Senior Technology Editor
News 03 Jun 2024
Snowflake: No evidence of platform breach

Snowflake on Saturday issued a joint statement with third-party investigators Mandiant and CrowdStrike denying reports that its platform had been breached. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 31 May 2024
Threat actor compromising Snowflake database customers

A threat actor tracked as UNC5537 is using stolen credentials against Snowflake database customers to conduct data theft and extortion attacks, cloud security firm Mitiga said. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 21 May 2024
cloud penetration testing

Cloud penetration testing is a tactic an organization uses to assess its cloud security effectiveness by attempting to evade its own defenses. Continue Reading
By
- Char Sample, ICF International
News 21 May 2024
Critical bug discovered in open source utility Fluent Bit

Tenable researchers discovered a critical vulnerability, dubbed 'Linguistic Lumberjack,' in Fluent Bit, an open source logging utility widely used by major cloud providers. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 21 May 2024
cloud workload protection platform (CWPP)

A cloud workload protection platform (CWPP) is a security tool designed to protect workloads that run on premises, in the cloud or in a hybrid arrangement. Continue Reading
By
- Phil Sweeney, Industry Editor
Definition 17 May 2024
hashing

Hashing is the process of transforming any given key or a string of characters into another value. Continue Reading
By
- Kinza Yasar, Technical Writer
- Andrew Zola
News 16 May 2024
IBM sells QRadar SaaS assets to Palo Alto Networks

The deal with Palo Alto Networks comes one year after IBM announced QRadar Suite, an AI-enhanced security platform that combined existing SIEM and XDR products. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 15 May 2024
AI-driven attacks seen as chief cloud security threat

Tried and true cloud security threats are on the rise. But according to a new report from Palo Alto Networks, the specter of generative AI threats has organizations concerned. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 14 May 2024
cloud-native application protection platform (CNAPP)

Cloud-native application protection platform, or CNAPP, is a software product that bundles multiple cloud security tools into one package, thereby delivering a holistic approach for securing an organization's cloud infrastructure, its cloud-native applications and its cloud workloads. Continue Reading
By
- Mary K. Pratt
Tip 14 May 2024
Cloud vulnerability management: A complete guide

Your security strategy might not grapple directly with cloud vulnerability management. Is it time to consider the possible benefits and challenges of this emerging product class? Continue Reading
By
- Ed Scannell, Freelancer
News 14 May 2024
SonicWall CEO talks transformation, security transparency

SonicWall's CEO said that following a string of serious vulnerabilities the company responded to in 2021, product development and quality assurance operations were overhauled. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 13 May 2024
How to create a cloud security policy, step by step

What are the necessary components of a cloud security policy, and why should an organization go to the trouble to create one? Download a template to get the process started. Continue Reading
By
- Paul Kirvan
Tip 08 May 2024
VM security in cloud computing explained

Cloud computing allows an organization to reduce its risks by having to secure fewer resources. The tradeoff is that cloud creates more attack vectors. Don't let VMs trip you up. Continue Reading
By
- Char Sample, ICF International
Tip 07 May 2024
What is a cloud security engineer, and how do I become one?

A cloud security engineer has specific responsibilities for helping to secure cloud infrastructure, applications and IT assets. Continue Reading
By
- Sean Michael Kerner
Tip 06 May 2024
SSPM vs. CSPM: What's the difference?

Posture management in the cloud is key, but evaluating different tools, such as SaaS security posture management and cloud security posture management platforms, can be confusing. Continue Reading
By
- Dave Shackleford, Voodoo Security
Definition 06 May 2024
cloud infrastructure entitlement management (CIEM)

Cloud infrastructure entitlement management (CIEM) is a discipline for managing identities and privileges in cloud environments. Continue Reading
By
- Mary K. Pratt
Opinion 03 May 2024
AWS to protect its cloud using CrowdStrike security products

AWS is replacing a variety of security products with the CrowdStrike Falcon Platform to further secure applications and data on its cloud. Continue Reading
By
- Dave Gruber, Principal Analyst
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
News 02 May 2024
Dropbox discloses data breach involving Dropbox Sign

A threat actor accessed Dropbox Sign customer names, emails, hashed passwords, API keys, OAuth tokens, multifactor authentication information and other data. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 30 Apr 2024
cloud security posture management (CSPM)

Cloud security posture management (CSPM) is a market segment for IT security tools that are designed to identify misconfiguration issues and compliance risks in the cloud. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
Definition 30 Apr 2024
Cloud Security Alliance (CSA)

The Cloud Security Alliance (CSA) is a nonprofit organization that promotes research into best practices for securing cloud computing and the use of cloud technologies to secure other forms of computing. Continue Reading
By
- Linda Rosencrance
Opinion 30 Apr 2024
Security updates from Google Cloud Next '24 center on GenAI

Google has infused Gemini into its security tools and while GenAI isn’t going to solve every security problem right away, its assistive capabilities save much needed time. Continue Reading
By
- Melinda Marks, Practice Director
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Tip 29 Apr 2024
Navigating cloud patch management: Benefits, best practices

Bad actors use malicious code to exploit vulnerabilities, targeting on-demand systems and applications. Having an efficient mechanism to deploy patches in the cloud is critical. Continue Reading
By
- Amy Larsen DeCarlo, GlobalData
Tip 29 Apr 2024
Top 11 cloud security challenges and how to combat them

Before jumping feet first into the cloud, understand the new and continuing top cloud security challenges your organization is likely to face -- and how to mitigate them. Continue Reading
By
- Sharon Shea, Executive Editor
Tip 25 Apr 2024
3 ways AI is transforming cloud security, according to experts

Generative AI only recently burst into the collective consciousness, but experts say it is already changing cloud security -- on both the defensive and offensive sides. Continue Reading
By
- Alissa Irei, Senior Site Editor
News 18 Apr 2024
CrowdStrike extends cloud security to Mission Cloud customers

CrowdStrike Falcon Cloud Security and Falcon Complete Cloud Detection and Response (CDR) will be made available through the Mission Cloud One AWS MSP platform. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 17 Apr 2024
8 data protection challenges and how to prevent them

Businesses contend with a combination of issues spawned by data overload, privacy regulations, access rights, cyberattacks, cloud environments, generative AI and human error. Continue Reading
By
- Kathleen Richards
Tip 15 Apr 2024
4 types of cloud security tools organizations need in 2024

From CIEM to SSE, these four types of cloud security tools help boost security efforts as organizations continue to expand their cloud environments. Continue Reading
By
- Dave Shackleford, Voodoo Security
Tip 15 Apr 2024
Data protection vs. security vs. privacy: Key differences

Data protection, privacy and security might look alike but their differences can make or break a comprehensive compliance program to collect, manage, access, erase and secure data. Continue Reading
By
- Stephen J. Bigelow, Senior Technology Editor
Tip 10 Apr 2024
Cloud database security: Best practices, challenges and threats

If your company is using a cloud database, it's critical to stay on top of security. Review the security features offered by top cloud providers, plus some best practices. Continue Reading
By
- Dave Shackleford, Voodoo Security
Tip 05 Apr 2024
9 top cloud storage security issues and how to contain them

A handful of major cloud storage security issues, such as insufficient access controls and lack of compliance, remain. Learn how to successfully address them. Continue Reading
By
- Paul Kirvan
Tip 02 Apr 2024
Cloud computing forensics techniques for evidence acquisition

With the proper tools and methodologies, security teams can provide analysts with the critical pieces required to complete cloud computing forensics investigations. Continue Reading
By
- Dave Shackleford, Voodoo Security
Tip 27 Mar 2024
Private vs. public cloud security: Benefits and drawbacks

Uncover the differences between private vs. public cloud security -- as well as hybrid cloud security and multi-cloud security -- before deciding on an enterprise deployment model Continue Reading
By
- Andrew Froehlich, West Gate Networks
- Sharon Shea, Executive Editor
Tip 25 Mar 2024
Cloud account hijacking: How it works and how to prevent it

The ability to identify the various methods of cloud account hijacking is key to prevention. Explore three ways to limit potential consequences of cloud credential compromise. Continue Reading
By
- Ed Moyle, Drake Software
Tip 22 Mar 2024
How to build a data protection policy, with template

Enterprises can't afford to operate without a sound data protection policy that specifies business goals, stakeholders, regulatory obligations, data classifications and access. Continue Reading
By
- Stephen J. Bigelow, Senior Technology Editor
News 21 Mar 2024
AWS fixes 'FlowFixation' vulnerability for account hijacking

A Tenable researcher discovered a session fixation flaw in AWS Managed Workflows for Apache Airflow that, combined with a misconfiguration, could enable account hijacking. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 21 Mar 2024
10 remote work cybersecurity risks and how to prevent them

Larger attack surfaces, limited oversight of data use and more vulnerable technologies are among the security risks faced in remote work environments. Continue Reading
By
- Mary K. Pratt
Tip 19 Mar 2024
How to manage third-party risk in the cloud

Third parties, including CSPs, remain a weak point in the supply chain. Adding CSPs into your organization's third-party risk management processes is crucial. Continue Reading
By
- Dave Shackleford, Voodoo Security
Definition 18 Mar 2024
cloud application

A cloud application, or cloud app, is a software program where cloud-based and local components work together. Continue Reading
By
- Kinza Yasar, Technical Writer
- Joel Shore, News Writer
Definition 18 Mar 2024
cloud load balancing

Cloud load balancing is the process of distributing workloads across computing resources in a cloud computing environment and carefully balancing the network traffic accessing those resources. Continue Reading
By
- Kinza Yasar, Technical Writer
- Robert Sheldon
- Nicholas Rando, TechTarget
Opinion 15 Mar 2024
Cloud detection and response is, and will stay, a team sport

CISOs should push for federated technologies, common processes and formal communications between teams to ensure cloud detection and response is effective and efficient. Continue Reading
By
- Jon Oltsik, Analyst Emeritus
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Definition 14 Mar 2024
cloud encryption

Cloud encryption is a service cloud storage providers offer whereby a customer's data is transformed using encryption algorithms from plaintext into ciphertext and stored in the cloud. Continue Reading
By
- Cameron Hashemi-Pour, Site Editor
- Michael Cobb
- Rachel Kossman, TechTarget
Tip 11 Mar 2024
5 PaaS security best practices to safeguard the app layer

Underlying APIs, language choice and cybersecurity features can vary widely across PaaS providers. These five security best practices can help in almost any PaaS scenario. Continue Reading
By
- Ed Moyle, Drake Software