Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Microsoft has dismantled a malicious campaign in which OAuth applications deployed on compromised cloud tenants were used to distribute spam messages. [Read More]
Wiz shares information on an Oracle Cloud Infrastructure vulnerability allowing attackers to modify users’ storage volumes without authorization. [Read More]
CrowdStrike is elbowing its way into new security markets with a planned acquisition of attack surface management startup Reposify and a strategic investment in API security vendor Salt Security. [Read More]
Ride sharing giant Uber is downplaying the impact from a devastating security breach that included the theft of employee credentials, access to the HackerOne bug bounty dashboard and data from an internal invoicing tool. [Read More]
Security Operations Center (SOC) platform provider Cyrebro has raised $40 million in Series C funding. [Read More]
The non-profit foundation is building a team to proactively identify and address security defects in the popular Rust programming language. [Read More]
The Silicon Valley company has raised a total of $135 million since its launch in 2016 as a provider of data encryption technology using Intel SGX. [Read More]
Fly-direct secure web gateway Dope.security emerges from stealth with $4 million in funding from Boldstart Ventures. [Read More]
Dig Security’s latest financing comes as venture capital investors rush to place bets on startups jostling for space in the cloud data security space. [Read More]
Microsoft says its security teams have detected zero-day exploitation of a critical vulnerability in its flagship Windows platform. [Read More]

FEATURES, INSIGHTS // Cloud Security

rss icon

John Maddison's picture
By integrating with native security services on major cloud platforms, a CNP solution can effectively correlate security findings to pinpoint risks and recommend effective mitigation.
John Maddison's picture
Digital acceleration, user demand, and shifting business strategies add new edges to the network, making it increasingly difficult to manage and even harder to secure.
Laurence Pitt's picture
Defense-in-depth encourages a review of all tools in place, ultimately defining a strategy to use everything available to create a layered security approach between users (or potential attackers) and applications/microservices in use.
Gordon Lawson's picture
Most cyber insurance providers are demanding that companies supply proof of their backup implementation in order to obtain an affordable policy.
Gordon Lawson's picture
Current cloud deployments pose significant risks that could be mitigated with minor changes to infrastructure procurement and access.
Laurence Pitt's picture
The flexible and secure nature of the cloud allows security and application teams to focus on defining strategy for the future rather than being consumed by the management of what is in place today.
William Lin's picture
The most common “new project” in identity nowadays is in Zero Trust. This concept has been evolving for years, and is building controls around an interesting premise: the idea that every resource will one day be internet-facing.
Gunter Ollmann's picture
In the merry-go-round world of InfoSec technologies and “what’s old is new again,” this year we should include Attack Surface Management with a dash of Continuous.
Tim Bandos's picture
Shifting to the cloud can be a radical but necessary change. There’s no denying the transition can be time consuming and costly upfront.
William Lin's picture
The combination of “shifting left” and “cloud security” is going to happen and be called “shifting everywhere.”