Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Docker recently resolved a runc privilege escalation vulnerability that could be exploited by a malicious program to escape container and access the host. [Read More]
Google has launched a beta version of a new Cloud Key Management System (KMS) to supplement the existing Google-managed server-side encryption and customer-controlled on-premise key management. [Read More]
A second variant of the Shamoon 2 malware targets virtualization products, likely in an effort to make recovery more difficult and increase the impact of the attack [Read More]
An open source tool called “Truffle Hog” helps developers check if they’ve accidentally leaked any secret keys on GitHub [Read More]
Bitglass, a Silicon Valley-based provider of mobile and cloud data protection solutions, today announced that it has secured $45 million in a Series C funding round. [Read More]
Cisco patches actively exploited privilege escalation vulnerability in CloudCenter Orchestrator [Read More]
VMware patches important XSS in ESXi and critical authentication flaw in vSphere Data Protection (VDP) [Read More]
Symantec on Monday filed a patent infringement lawsuit against cloud-based security firm Zscaler, Inc., accusing Zscaler of violating seven of Symantec’s patents within Zscaler products. [Read More]
Vulnerabilities in Microsoft’s Azure cloud platform could have been exploited to gain access to RHEL virtual machines and storage accounts [Read More]
On average, an enterprise now uses 1,427 cloud services. Although enterprises are attempting to control their use of cloud apps, this has clearly not yet been achieved. [Read More]

FEATURES, INSIGHTS // Cloud Security

rss icon

David Holmes's picture
Will containers replace traditional operating system virtualization in the same way that virtualization has replaced much of the physical, bare-metal world? And how secure are containers, anyway?
Danelle Au's picture
When it comes to SaaS applications versus on-premise, there are three characteristics that define the need for a different approach to data governance, risk management and security in the cloud.
David Maman's picture
Through simple planning and forethought, organizations can ensure their databases not only meet compliance requirements, but will remain secure.
David Maman's picture
Moving sensitive data into the hands of third-party cloud providers expands and complicates the risk landscape in which companies operate every day.
David Maman's picture
Database Activity Monitoring (DAM) is a crucial part of your compliance and safety profile, but to be effective at protecting your database, you need to understand its limitations.
Danelle Au's picture
Cloud adoption should be a collaborative rather than prescriptive process between employees and IT. With the right mindset and strategy, what employees want and what IT wants can become a proper union in a Venn diagram.
Rebecca Lawson's picture
There is a common misconception that in order to move to virtual security solutions, companies can, or should, replace physical security technologies they rely on to keep their networks safe today.
Danelle Au's picture
The recent iCloud attack brings up very important considerations on data security, not only for consumers, but for any enterprise that uses the cloud.
Danelle Au's picture
Cloud service providers play a key role in delivering security, but as part of the shared responsibility model, they are not liable for access to and usage of the cloud application.
Danelle Au's picture
Enterprises can gain tremendous competitive advantages by having IT focus on the things that matter – users and information rather than infrastructure maintenance and building.