Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Balance Theory, a seed-stage startup working on technology to help security teams collaborate and manage data flows securely, has closed a $3 million funding round. [Read More]
IBM recently patched a vulnerability in IBM Cloud Databases for PostgreSQL that could have exposed users to supply chain attacks. [Read More]
Pangea Cyber, an early stage startup working on technology in the API security services space, has banked $26 million in a new funding round led by Google Ventures. [Read More]
According to data from Tenable, more than 70 percent of global organizations remain vulnerable to the Log4Shell flaw as of October this year. [Read More]
Sphere Technology Solutions, a New Jersey startup building technology to help defenders clean up excessive and unnecessary access, raises a $31 million Series B round. [Read More]
Google researchers call attention to the ongoing “patch-gap” problem, warning that downstream vendors continue to be tardy at delivering security fixes to Android-powered devices. [Read More]
Security researchers at Proofpoint call attention to the discovery of a commercial red-teaming attack tool called Nighthawk, warning that the command-and-control framework is likely to be abused by threat actors. [Read More]
The cybersecurity powerhouse plans to spend $195 million in cash to acquire Israeli application security startup Cider Security. [Read More]
According to a joint CISA/FBI advisory, Iranian government-sponsored hackers hit at least one Federal Civilian Executive Branch (FCEB) organization with an exploit for a Log4j vulnerability in an unpatched VMware Horizon server. [Read More]
Investors pour $65 million into an early-stage Israeli startup building technology to help businesses manage secrets like credentials, certificates and keys. [Read More]

FEATURES, INSIGHTS // Cloud Security

rss icon

John Maddison's picture
By integrating with native security services on major cloud platforms, a CNP solution can effectively correlate security findings to pinpoint risks and recommend effective mitigation.
John Maddison's picture
Digital acceleration, user demand, and shifting business strategies add new edges to the network, making it increasingly difficult to manage and even harder to secure.
Laurence Pitt's picture
Defense-in-depth encourages a review of all tools in place, ultimately defining a strategy to use everything available to create a layered security approach between users (or potential attackers) and applications/microservices in use.
Gordon Lawson's picture
Most cyber insurance providers are demanding that companies supply proof of their backup implementation in order to obtain an affordable policy.
Gordon Lawson's picture
Current cloud deployments pose significant risks that could be mitigated with minor changes to infrastructure procurement and access.
Laurence Pitt's picture
The flexible and secure nature of the cloud allows security and application teams to focus on defining strategy for the future rather than being consumed by the management of what is in place today.
William Lin's picture
The most common “new project” in identity nowadays is in Zero Trust. This concept has been evolving for years, and is building controls around an interesting premise: the idea that every resource will one day be internet-facing.
Gunter Ollmann's picture
In the merry-go-round world of InfoSec technologies and “what’s old is new again,” this year we should include Attack Surface Management with a dash of Continuous.
Tim Bandos's picture
Shifting to the cloud can be a radical but necessary change. There’s no denying the transition can be time consuming and costly upfront.
William Lin's picture
The combination of “shifting left” and “cloud security” is going to happen and be called “shifting everywhere.”