Cloud security
The cloud offers improved efficiency, flexibility and scalability, but its benefits can be reversed if security isn't top of mind. Read cloud security best practices, including tips on data protection and IaaS, PaaS and SaaS security, as well as cloud-specific tools and services such as CASBs, CWPPs and CSPM.
Top Stories
-
Feature
13 Dec 2024
Breaking down the cost of cloud computing in 2025
Businesses migrating to the cloud can reap benefits they wouldn't get staying on the premises -- but then there's the pricing. Check out cost structures of the big three providers. Continue Reading
-
News
02 Dec 2024
AWS launches automated service for incident response
AWS Security Incident Response, which launched ahead of the re:Invent 2024 conference this week, can automatically triage and remediate events detected in Amazon GuardDuty. Continue Reading
By- Rob Wright, Senior News Director
-
News
21 Dec 2022
Play ransomware actors bypass ProxyNotShell mitigations
CrowdStrike is urging organizations to apply the latest Microsoft Exchange updates after investigations revealed attackers developed a bypass for ProxyNotShell mitigations. Continue Reading
By- Arielle Waldman, News Writer
-
Podcast
08 Dec 2022
Risk & Repeat: Breaking down Rackspace ransomware attack
This Risk & Repeat podcast episode discusses the recent ransomware attack against cloud provider Rackspace, as well as the major service outage affecting its customers. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
06 Dec 2022
Cisco teases new capabilities with SD-WAN update
Cisco SD-WAN 17.10 enhancements give enterprises the option of using security service edge providers Cloudflare and Netskope in secure access service edge deployments. Continue Reading
By- Mary Reines, News Writer
-
Tip
06 Dec 2022
How to implement least privilege access in the cloud
More organizations are moving their resources to the cloud but are not paying attention to how cloud access privileges are allocated. Learn how to limit access in the cloud. Continue Reading
By- Dave Shackleford, Voodoo Security
-
News
06 Dec 2022
Rackspace confirms ransomware attack after Exchange outages
The cloud service provider said that because the investigation of the ransomware attack is in the early stages, it is unknown what, if any, customer data was stolen. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
05 Dec 2022
Rackspace 'security incident' causes Exchange Server outages
Rackspace has not said what caused the security incident, but the cloud provider said it proactively disconnected its Hosted Exchange offering as it investigates the matter. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Opinion
10 Nov 2022
Secure development focus at KubeCon + CloudNativeCon 2022
The pressure is on. It's time for better security that can keep up with modern software developers. That was the message at this year's KubeCon + CloudNativeCon. Continue Reading
By- Melinda Marks, Practice Director
-
Enterprise Strategy Group
We provide market insights, research and advisory, and technical validations for tech buyers.
-
Tip
02 Nov 2022
Kusto Query Language primer for IT administrators
Administrators who use Microsoft cloud services, such as Microsoft Sentinel and Microsoft 365, can learn how to pull information from those products with KQL queries. Continue Reading
By- Liam Cleary, SharePlicity
-
Tip
27 Oct 2022
Types of cloud malware and how to defend against them
Cloud malware isn't going away anytime soon, but organizations have a growing number of tools at their disposal to combat the threat. Continue Reading
By- Dave Shackleford, Voodoo Security
-
News
20 Oct 2022
Microsoft confirms data leak caused by misconfiguration
Microsoft criticized SOCRadar's reporting of the data leak, saying the threat intelligence vendor "greatly exaggerated" its claim that 65,000-plus entities had data exposed. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Guest Post
19 Oct 2022
3 cloud security posture questions CISOs should answer
As cloud adoption continues to accelerate, CISOs must help IT and cybersecurity teams keep pace with evolving cloud markets, especially when it comes to cloud security posture. Continue Reading
By- Kristopher Carr
-
News
19 Oct 2022
Azure vulnerability opens door to remote takeover attacks
Orca Security researchers uncovered a flaw in Azure Service Fabric that was fixed in last week's Patch Tuesday. It allows elevation of privilege and remote takeover of nodes. Continue Reading
-
Tip
30 Sep 2022
How to decide on what Office 365 add-on licenses to use
Missing certain functionality and want to supplement your subscription to Office 365 or Microsoft 365? Find out what extras make sense for your organization. Continue Reading
By- Liam Cleary, SharePlicity
-
Opinion
21 Sep 2022
Planning the journey from SD-WAN to SASE
Enterprises need integrated security and networking frameworks to manage distributed IT environments and are looking to SD-WAN and security options like SASE to get the job done. Continue Reading
By- Bob Laliberte, Former Principal Analyst
-
Enterprise Strategy Group
We provide market insights, research and advisory, and technical validations for tech buyers.
-
Opinion
14 Sep 2022
5 ways to improve your cloud security posture
With more applications deployed to multiple clouds, organizations must shore up their security posture, and cloud security posture management is designed to help. Find out why. Continue Reading
By- Melinda Marks, Practice Director
-
News
13 Sep 2022
Secureworks reveals Azure Active Directory flaws
Secureworks published details of what it claims are significant security flaws in Azure's authentication system, but Microsoft has dismissed them as non-issues. Continue Reading
-
Opinion
12 Sep 2022
How data security posture management complements CSPM
Data security posture management can provide comprehensive defense-in-depth security for cloud data. Find out more about how DSPM policies move with the data. Continue Reading
By- Jack Poller
-
Enterprise Strategy Group
We provide market insights, research and advisory, and technical validations for tech buyers.
-
Tip
01 Sep 2022
Cybersecurity budget breakdown and best practices
Once budget is secured, CISOs must figure out where it should be allocated -- as well as how to justify the costs. Get the lowdown on a cybersecurity budget breakdown here. Continue Reading
By- Ashwin Krishnan, StandOutin90Sec
-
News
30 Aug 2022
VMware aims to improve security visibility with new services
Unveiled at VMware Explore, the company's new security services include Project Trinidad, Project Watch and Project Northstar. All three offer customer visibility enhancements. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
25 Aug 2022
Mitiga: Attackers evade Microsoft MFA to lurk inside M365
During an incident response investigation, Mitiga discovered attackers were able to create a second authenticator with no multifactor authentication requirements. Continue Reading
By- Arielle Waldman, News Writer
-
Tip
24 Aug 2022
5 key questions to evaluate cloud detection and response
Consider these five questions before deciding to invest in a specialized cloud detection and response product. Continue Reading
By- Ed Moyle, Drake Software
-
Definition
24 Aug 2022
homomorphic encryption
Homomorphic encryption is the conversion of data into ciphertext that can be analyzed and worked with as if it were still in its original form. Continue Reading
By- Alexander S. Gillis, Technical Writer and Editor
-
News
17 Aug 2022
CISA: Threat actors exploiting multiple Zimbra flaws
Cybersecurity vendor Volexity found earlier this month that one flaw, CVE-2022-27925, had compromised more than 1,000 Zimbra Collaboration Suite instances. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Feature
11 Aug 2022
What is data security? The ultimate guide
Dig into the essentials of data security, from must-have tools, technologies and processes to best practices for keeping data safe. Continue Reading
By- Sharon Shea, Executive Editor
- Alissa Irei, Senior Site Editor
-
News
10 Aug 2022
Ermetic addresses IAM weaknesses in multi-cloud environments
Researchers at the cloud security vendor discussed the importance of understanding the different identity and access management features among the major cloud providers. Continue Reading
By- Arielle Waldman, News Writer
-
News
04 Aug 2022
Amazon CSO Steve Schmidt talks prescriptive security for AWS
In part two of this Q&A, Amazon CSO Steve Schmidt discusses why AWS has taken a more prescriptive approach to customer security and how it influences areas like incident response. Continue Reading
By- Arielle Waldman, News Writer
- Rob Wright, Senior News Director
-
News
03 Aug 2022
Amazon CSO Steve Schmidt preaches fungible resources, MFA
In a Q&A with SearchSecurity, Amazon CSO Steve Schmidt discusses his time as head of AWS security and shifts the cloud provider made to improve its posture, as well as customers'. Continue Reading
By- Rob Wright, Senior News Director
- Arielle Waldman, News Writer
-
News
02 Aug 2022
New Microsoft tools aim to protect expanding attack surface
New security concerns have arisen around initial attack vectors and visibility into a broader attack surface as companies have moved to the cloud, according to Microsoft. Continue Reading
By- Arielle Waldman, News Writer
-
News
28 Jul 2022
AWS adds anti-malware and PII visibility to storage
New tools unveiled by AWS at re:Inforce 2022 add new anti-malware capabilities to AWS block storage and a way to find personally identifiable information with S3 object storage. Continue Reading
By- Tim McCarthy, News Writer
-
News
26 Jul 2022
AWS issues MFA call to action at re:Inforce 2022
To reduce growing attack surfaces in the cloud, AWS executives emphasized the importance of implementing MFA to protect accounts and blocking public access to cloud resources. Continue Reading
By- Arielle Waldman, News Writer
-
News
26 Jul 2022
CrowdStrike launches cloud threat hunting service
Launched at AWS re:Inforce 2022, CrowdStrike's Falcon OverWatch Cloud Threat Hunting is a standalone threat hunting service built to stop advanced threats from within the cloud. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Definition
20 Jul 2022
data compliance
Data compliance is a process that identifies the applicable governance for data protection, security, storage and other activities and establishes policies, procedures and protocols ensuring data is fully protected from unauthorized access and use, malware and other cybersecurity threats. Continue Reading
By -
News
19 Jul 2022
Calamu Protect defends data through sharding, encryption
Calamu Protect 1.2 expands data protection capabilities for its data harbor through multi-tenancy features and support for protecting Microsoft 365 data. Continue Reading
By- Tim McCarthy, News Writer
-
Tip
18 Jul 2022
Key factors to achieve data security in cloud computing
Enterprises face a variety of data security concerns when deploying assets to the cloud. But there are some guidelines you can follow to make sure your assets are protected. Continue Reading
By- Dave Shackleford, Voodoo Security
-
Tip
14 Jul 2022
3 steps for getting started with security service edge
Before getting started with security service edge (SSE), formulate a migration strategy. Check out these three expert tips for tackling SSE with maximum efficiency and ease. Continue Reading
By- Karen Scarfone, Scarfone Cybersecurity
-
Tip
14 Jul 2022
SecOps vs. CloudSecOps: What does a CloudSecOps team do?
Now, more than ever, organizations need to build controls, monitor and enact security response activities for the cloud. This is where the CloudSecOps team comes into play. Continue Reading
By- Dave Shackleford, Voodoo Security
-
Tip
28 Jun 2022
Do you meet all the modern authentication requirements?
Microsoft's push to a more secure method for user authentication and authorization could catch some enterprises flat-footed if IT hasn't done its homework. Continue Reading
By- Reda Chouffani, Biz Technology Solutions
-
News
28 Jun 2022
Wiz launches open database to track cloud vulnerabilities
Wiz researchers Alon Schindel and Amitai Cohen and Scott Piper, cloud security engineer at Block, launched a database to list all known cloud vulnerabilities and security issues. Continue Reading
By- Arielle Waldman, News Writer
-
Tutorial
27 Jun 2022
How to set up Exchange Online modern authentication
Microsoft plans to tighten up security on its hosted email platform to prevent attackers from gaining access to user credentials. Is your organization ready? Continue Reading
By- Reda Chouffani, Biz Technology Solutions
- Nathan O'Bryan, Planet Technologies
-
News
24 Jun 2022
Researchers criticize Oracle's vulnerability disclosure process
While the critical flaws were reported in April, it took the vendor nearly half a year to issue patches, exceeding the standard responsible coordinated disclosure policy. Continue Reading
By- Arielle Waldman, News Writer
-
News
20 Jun 2022
Paige Thompson found guilty in 2019 Capital One data breach
The former Amazon engineer who hacked AWS and gained access to sensitive data belonging to Capital One customers has been convicted. Continue Reading
By- Arielle Waldman, News Writer
-
Opinion
16 Jun 2022
Top cloud security takeaways from RSA 2022
Key cloud security takeaways from RSA 2022 include the need to shore up cloud application security, consolidate tools and mitigate cybersecurity skills shortages, according to ESG. Continue Reading
By- Melinda Marks, Practice Director
-
News
15 Jun 2022
Microsoft takes months to fix critical Azure Synapse bug
Orca Security discovered that inadequate tenant separation in Microsoft's Azure Synapse service could allow a threat actor to steal credentials from thousands of customers. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tip
15 Jun 2022
How to evaluate security service edge products
As organizations become more cloud-centric and adapt to remote work, a new technique known as security service edge is gaining traction. Continue Reading
By- Ed Moyle, Drake Software
-
Tip
14 Jun 2022
3 steps for CDOs to ensure data sovereignty in the cloud
Data sovereignty regulations, combined with a tsunami of data growth and increased cloud usage, have created a perfect storm that chief data officers must manage. Continue Reading
By- Ashwin Krishnan, StandOutin90Sec
-
News
13 Jun 2022
Tenable slams Microsoft over Azure vulnerabilities
Tenable expressed its frustration after working with Microsoft on the disclosure of two cloud flaws that researchers ranked as critical, which the company later silently patched. Continue Reading
By- Arielle Waldman, News Writer
-
News
13 Jun 2022
Skyhigh Security CEO, VP talk life after McAfee
Gee Rittenhouse discusses the process of building Skyhigh Security, a new company created by Symphony Technology Group as a rebirth of McAfee's enterprise cloud security portfolio. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
02 Jun 2022
VMware launches 'threat intelligence cloud' Contexa
The Contexa threat intelligence service is integrated into all VMware security products and will be available to all new and existing customers at no additional cost. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
01 Jun 2022
Hackers ransom 1,200 exposed Elasticsearch databases
An extensive extortion operation didn't need exploits or vulnerabilities to take over more than 1,200 Elasticsearch databases and demand bitcoin payments, according to Secureworks. Continue Reading
-
Tip
31 May 2022
How to get started with multi-cloud threat hunting
More clouds mean a bigger attack surface. It also complicates how companies can accurately hunt for potential threats. But there are steps to take that can reduce the risk. Continue Reading
By- Ed Moyle, Drake Software
-
News
26 May 2022
'Pantsdown' BMC vulnerability still present in Quanta servers
Eclypsium found that a critical security flaw first disclosed in 2019 remains exposed in many internet-facing servers, leaving networks at risk for remote code execution attacks. Continue Reading
-
News
25 May 2022
Verizon DBIR: Stolen credentials led to nearly 50% of attacks
The Verizon 2022 Data Breach Investigations Report revealed enterprises' ongoing struggle with securing credentials and avoiding common mistakes such as misconfigurations. Continue Reading
By- Arielle Waldman, News Writer
-
News
18 May 2022
CISA calls out security misconfigurations, common mistakes
Poor security practices and misconfigured controls are allowing threat actors to compromise enterprise networks. Continue Reading
By- Arielle Waldman, News Writer
-
Tip
12 May 2022
3 ways to apply security by design in the cloud
Applying security-by-design principles to the cloud may not seem straightforward, but there are several ways to do so. These three areas are a good place to start. Continue Reading
By- Dave Shackleford, Voodoo Security
-
Tip
10 May 2022
Microsoft modern authentication deadline looms over Exchange
Support for basic authentication will end this year, giving administrators who haven't switched to a newer authentication method little time to prepare for a smooth transition. Continue Reading
By- Reda Chouffani, Biz Technology Solutions
-
News
05 May 2022
Hackers exploit vulnerable Adminer for AWS database thefts
Mandiant researchers spotted a threat group using an exploit for older versions of Adminer to get their hands on metadata that included secret keys for AWS accounts. Continue Reading
-
News
05 May 2022
Google cloud misconfiguration poses risk to customers
Cloud security vendor Mitiga discovered 'dangerous functionality' in the Google Cloud Platform that could allow attackers to compromise virtual machines. Continue Reading
By- Arielle Waldman, News Writer
-
Tip
29 Apr 2022
Is cloud critical infrastructure? Prep now for provider outages
The cloud has quickly become critical infrastructure to many organizations. Learn about the top cloud provider outages, and discover tips on preventing disruption during downtime. Continue Reading
By- Dave Shackleford, Voodoo Security
-
News
28 Apr 2022
Lapsus$ targeting SharePoint, VPNs and virtual machines
From social engineering attacks to admin tools, a recent NCC Group report examined the tactics used by Lapsus$ to breach companies like Microsoft, Nvidia and Samsung. Continue Reading
By- Peyton Doyle, News Editorial Assistant
-
News
25 Apr 2022
LemonDuck botnet evades detection in cryptomining attacks
While the botnet is not new, it appears operators are honing their skills and evading Alibaba Cloud's monitoring service to take advantage of rising cryptocurrency prices. Continue Reading
By- Arielle Waldman, News Writer
-
Feature
14 Apr 2022
Study attests: Cloud apps, remote users add to data loss
A study from ESG found many customers attribute data loss and compliance troubles to the race to put apps in the cloud and accommodate remote workers amid the pandemic. Continue Reading
By- Margie Semilof, TechTarget
-
Tip
14 Apr 2022
The benefits and challenges of managed PKIs
Managing a public key infrastructure is a difficult task. Discover the benefits and challenges of PKI as a service to determine if managed PKI would benefit your organization. Continue Reading
By- Karen Scarfone, Scarfone Cybersecurity
-
Tip
07 Apr 2022
Should companies ask for a SaaS software bill of materials?
Though it isn't commonplace to ask for a SaaS software bill of materials, one can be beneficial for both SaaS providers and their customers. Learn why. Continue Reading
By- Ed Moyle, Drake Software
-
News
05 Apr 2022
Conti ransomware deployed in IcedID banking Trojan attack
The Conti ransomware gang gained recent notoriety for publicly backing Russia in its invasion of Ukraine. An anonymous researcher then leaked massive amounts of internal Conti data. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
01 Apr 2022
CrowdStrike finds 'logging inaccuracies' in Microsoft 365
CrowdStrike says Microsoft's cloud offering may not be accurately taking logs of user sign-ins, and that could pose a threat to protecting networks and investigating attacks. Continue Reading
-
News
23 Mar 2022
Lawsuit claims Kronos breach exposed data for 'millions'
A class-action lawsuit was filed against Ultimate Kronos Group for alleged negligence regarding a ransomware attack and private cloud breach in December. Continue Reading
By- Peyton Doyle, News Editorial Assistant
-
News
22 Mar 2022
STG launches Skyhigh Security from McAfee cloud assets
The new company combines the McAfee Enterprise Security Service Edge portfolio with a name reminiscent of a previous McAfee acquisition: Skyhigh Networks. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tip
21 Mar 2022
2 zero-trust cloud security models emerge as demands shift
Security teams are beefing up enterprise defenses as cloud services become more essential. Zero trust -- tailored to assets, as well as users -- is an integral part of the equation. Continue Reading
By- Dave Shackleford, Voodoo Security
-
News
15 Mar 2022
Container vulnerability opens door for supply chain attacks
A CRI-O container engine vulnerability could allow attackers to bypass security controls and take over a host system, according to CrowdStrike researchers. Continue Reading
-
News
08 Mar 2022
Google to acquire Mandiant for $5.4B
Google's acquisition announcement came less than a year after Mandiant and FireEye split. FireEye was sold to Symphony Technology Group last fall for $1.2 billion. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tip
23 Feb 2022
Crosswalk cloud compliance to ensure consistency
Combining a risk management framework with security policies can be tricky, but crosswalking -- especially in the cloud -- can help address inconsistencies and maintain compliance. Continue Reading
By- Diana Kelley, SecurityCurve
-
News
17 Feb 2022
Snyk enters cloud security market with Fugue acquisition
Analysts say the acquisition of Fugue will give Snyk an opportunity to build a presence in the cloud security market and strengthen its infrastructure-as-code capabilities. Continue Reading
By- Arielle Waldman, News Writer
-
News
01 Feb 2022
Cato Networks adds CASB to growing SASE portfolio
Cato Networks has added CASB app visibility and enforcement capabilities to its growing SASE portfolio, and plans to add data loss prevention in the coming months. Continue Reading
By- Madelaine Millar, TechTarget
-
Opinion
31 Jan 2022
IaC security options help reduce software development risk
The use of infrastructure as code is increasing among developers, but security teams can take advantage of a growing number of tools to make sure IaC doesn't increase risk. Continue Reading
By- Melinda Marks, Practice Director
-
Enterprise Strategy Group
We provide market insights, research and advisory, and technical validations for tech buyers.
-
Feature
31 Jan 2022
Include defensive security in your cybersecurity strategy
Is your company's cybersecurity strategy comprehensive enough to protect against an expanding threat landscape? Learn how developing defensive security strategies can help. Continue Reading
By- Kyle Johnson, Technology Editor
-
Tip
21 Jan 2022
Top cloud security standards and frameworks to consider
Cloud security standards and frameworks are key to securing systems and maintaining privacy. Read up on available options and advice for selecting the best for your organization. Continue Reading
By -
Tip
20 Jan 2022
Introduction to automated penetration testing
Automated penetration testing, which speeds up the process for companies and vendors, is maturing. Is it ready to close the time gap between vulnerability discovery and mitigation? Continue Reading
By- Andrew Froehlich, West Gate Networks
- Definition 19 Jan 2022
-
Tip
18 Jan 2022
Cloud-native security architecture principles and controls
Building a sound cloud security framework is challenging, and it's even more so when implementing a cloud-native architecture. Here are steps you can take to make the job easier. Continue Reading
By- Dave Shackleford, Voodoo Security
-
News
12 Jan 2022
New RAT campaign abusing AWS, Azure cloud services
Cisco Talos discovered threat actors taking advantage of public cloud services to spread remote administration tools such as NanoCore, NetWire and AsyncRAT. Continue Reading
-
Feature
29 Dec 2021
Editor's picks: Top cybersecurity articles of 2021
As we call it a wrap on 2021, SearchSecurity looks at the top articles from the last 12 months and their sweeping trends, including ransomware, career planning and more. Continue Reading
By- Isabella Harford, TechTarget
-
Tip
14 Dec 2021
4 API authentication methods to better protect data in transit
The API attack surface isn't always well protected. Learn about the authentication methods your company can use to secure its APIs. Continue Reading
By- Andrew Froehlich, West Gate Networks
-
Opinion
09 Dec 2021
Cloud application developers need built-in security
Enterprises plan to increase cloud application security spending in 2022. Find out how security vendors and cloud application developers can meet their needs. Continue Reading
By- Melinda Marks, Practice Director
-
Enterprise Strategy Group
We provide market insights, research and advisory, and technical validations for tech buyers.
-
News
07 Dec 2021
USB-over-Ethernet bugs put cloud services at risk
SentinelOne says vulnerabilities in the Eltima SDK, which connects USB devices on virtual workstations, can put enterprises at risk of privilege escalation attacks. Continue Reading
-
News
06 Dec 2021
One year later, SolarWinds hackers targeting cloud providers
The hacking crew accused of breaking into SolarWinds a year ago is back at it and is trying to get to their targets through attacks on the networks of cloud computing providers. Continue Reading
-
Tip
06 Dec 2021
How to get started with attack surface reduction
Attack surface reduction and management are vital to any security team's toolbox. Learn what ASR is and how it complements existing vulnerability management products. Continue Reading
By- Diana Kelley, SecurityCurve
-
Definition
02 Dec 2021
Twofish
Twofish is a symmetric-key block cipher with a block size of 128 bits and variable-length key of size 128, 192 or 256 bits. Continue Reading
By -
News
01 Dec 2021
Dell extends Cyber Recovery ransomware protection to AWS
Dell EMC's PowerProtect Cyber Recovery launched in AWS Marketplace, providing customers with a way to isolate their data in AWS-based storage instead of on premises. Continue Reading
By -
News
01 Dec 2021
CISA taps CrowdStrike for endpoint security
The U.S. government's cybersecurity authority will be watched over by security vendor CrowdStrike as part of the larger government IT security overhaul. Continue Reading
-
News
22 Nov 2021
GoDaddy discloses breach of 1.2M customer account details
Web hosting provider GoDaddy said an attacker broke into its Managed WordPress service and accessed the account details and SSL keys of 1.2 million customers. Continue Reading
-
News
11 Nov 2021
Aruba Central breach exposed customer data
HPE-owned Aruba Networks said one of its cloud databases was accessed by hackers who were able to make off with location and telemetry data for its customers' Wi-Fi gear. Continue Reading
-
Tip
09 Nov 2021
How to overcome 3 multi-tenancy security issues
Explore three major multi-tenancy security challenges and how to fix them, including lack of visibility, privilege overallocation and poor data security management. Continue Reading
By- Dave Shackleford, Voodoo Security
-
News
02 Nov 2021
Why cloud bugs don't get CVEs, and why it's an issue
Lack of public disclosures for cloud bugs can allow vendors to sit on vulnerability reports and can prevent researchers from getting acknowledgement and payouts. Continue Reading
-
Guest Post
23 Aug 2021
Why zero-trust models should replace legacy VPNs
Many organizations use legacy VPNs to secure their networks, especially in the work-from-home era. Expert Pranav Kumar explains why zero-trust models are a safer option. Continue Reading
By- Pranav Kumar
-
Tip
21 Jul 2021
Automate app security with SaaS security posture management
Keeping track of cloud application security settings and configurations businesswide is no easy task. Automate this cumbersome task with SSPM. Continue Reading
By- Ed Moyle, Drake Software
-
Guest Post
16 Jul 2021
4 healthcare risk management tips for secure cloud migration
From improving the security posture and updating threat modeling to securing cloud data, learn about four risk management tips for healthcare organizations migrating to cloud. Continue Reading
By- Nabil Hannan
-
Guest Post
24 May 2021
Embrace speed and security for your cloud security strategy
As companies solidify their cloud security strategies, they need to ensure that they're considering where they're at now, governance needed and metrics to follow. Continue Reading
By- Altaz Valani
-
Tip
22 Apr 2021
How cloud monitoring dashboards improve security operations
Cloud monitoring dashboards can help security teams achieve visibility in complex, sprawling environments. Learn about cloud-native, third-party and open source deployment options. Continue Reading
By- Ed Moyle, Drake Software
-
Tip
16 Mar 2021
Implement Kubernetes for multi-cloud architecture security
Uncover how orchestration tools benefit multi-cloud environments, and get help selecting the right deployment model for Kubernetes in multi-cloud architectures. Continue Reading
By- Ed Moyle, Drake Software
-
Guest Post
26 Feb 2021
Dispelling 4 of the top cloud security myths today
Booz Allen's Jimmy Pham and Brad Beaulieu dispel four major cloud security myths, exploring why staying in the cloud rather than returning to on premises may be the more secure option. Continue Reading
By- Jimmy Pham and Brad Beaulieu