Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

An analysis of 1,000 popular Docker containers revealed that nearly 20% of them have nulled root passwords, Kenna Security says. [Read More]
Data center and cloud security company Guardicore has secured $60 million in Series C funding round led by Qumra Capital. [Read More]
New Intel CPU vulnerabilities known as MDS, ZombieLoad, Fallout and RIDL impact millions of devices. Affected vendors published advisories and blog posts with information for users. [Read More]
ZombieLoad, RIDL and Fallout: Intel processors are vulnerable to more speculative execution side-channel attacks that can allow malware to obtain sensitive data. [Read More]
For the past three years, Alpine Linux Docker images have been shipped with a NULL password for the root user, Cisco’s Talos security researchers have discovered. [Read More]
Cloud security firm DivvyCloud raises $19 million and plans on using the money to improve its technology and expand sales and marketing efforts. [Read More]
An unprotected database belonging to an unidentified organization stored information on 80 million US households. [Read More]
Docker Hub informs users of a data breach that impacted 190,000 accounts. Passwords have been reset and GitHub tokens and access keys have been revoked. [Read More]
Patches released by VMware for its ESXi, Workstation and Fusion products address DoS and information disclosure vulnerabilities related to graphics components. [Read More]
Google this week announced a series of tools meant to increase the overall security of Google Cloud and improve customer trust in the service. [Read More]

FEATURES, INSIGHTS // Cloud Security

rss icon

Laurence Pitt's picture
“The Cloud Wars” may be dominating IT news headlines, but what does this phrase actually mean? And is it something that an enterprise needs to be concerned with?
Gunter Ollmann's picture
To the surprise of many, public cloud appears to be driving a renaissance in adoption and advancement of managed security service providers (MSSP).
Ashley Arbuckle's picture
With a holistic approach you can enable efficient segmentation across your infrastructure, identify anomalies faster by using process behavior deviations, and reduce your attack surface quickly.
Gunter Ollmann's picture
75 years may separate War World II from cloud SIEM, but we’re on the cusp of being able to apply the hard-earned learnings from Abraham Wald in our latest adversarial conflict – the cyberwar.
Preston Hogue's picture
This move to container-based development and agile methodologies has been great for innovation and iteration, but it’s also brought a massive shift in the application landscape with real impact on security teams.
Ashley Arbuckle's picture
Whatever form your move to the cloud takes, you need the right technologies and talent in place to ensure a secure transition.
Laurence Pitt's picture
The biggest truth about security in public cloud is that it provides security at scale. As a single organization, everything you do is at a scale of one.
John Maddison's picture
Analysis of a vendor’s underlying design and optimization approaches will enable you to select the solution that best meets your organization’s performance and budgetary requirements.
Ashley Arbuckle's picture
What can you do to mitigate the risk you may be inadvertently introducing to your public cloud deployments?
Scott Simkin's picture
Clunky security approaches, pieced together from multiple vendors, result in a fragmented security environment where IT teams must manually correlate data to implement actionable security protections.