November INSIGHTS
Top Cloud Security Challenges This Year – And How to Avoid Them in 2023
There are no indications of settling in the tech environment as the global health crisis wanes; cloud security threats continue to evolve as cloud services expand. Organizations that aggressively ramp up their defensive strategies and reinforce their security mindset will gain an edge, but it may not be clear how to accomplish those goals efficiently. Read More
September INSIGHTS
Tips and Tools to Conduct Amazon Web Services Penetration Tests
Amazon Web Services (AWS) grew 36.5% year over year in Q1 2022, according to business news outlet CNBC. With more than a million active users spread across 190 countries and a service portfolio offering 200 unique products, AWS is a market powerhouse in the cloud hosting space. That also makes it a prime target for attackers and advanced persistent threats. Read More
July INSIGHTS
The Future of Open-Source Software in Cloud-Native Environments
The decision between choosing open source versus proprietary software to build a cloud-native environment is driven by risks and rewards. It should also be based on team size, time investments and available budget.
“Perceptions of open-source software (OSS) are evolving, and what was once seen as potential risk is now seen as an enabler for both security and business,” said Paul Calatayud, CISO, Aqua Security. “The pros of open source are that the community is a strong and collaborative one, and it puts an emphasis on security by working together to identify and resolve software vulnerabilities and bugs.” Read More
May INSIGHTS
Looking for a Break in the Clouds: How to Build More Resilience During Turbulent Times
Business continuity (BC) and disaster recovery (DR) requirements have changed with the advent of cloud services, leading many organizations to reassess their programs. This presents an opportunity, suggested Wolfgang Goerlich, an advisory CISO at Cisco’s Duo Security. “It’s great to do the thing,” he said, referring to cloud continuity planning, “but what if we could do the thing and get more out of it?” Read More
March INSIGHTS
Privacy in a Fishbowl: iCloud controversy raises concerns about potential misuses
Particularly in the United States, privacy has too few protections, and it continues to erode.
That reality is abetted by Americans’ casual surrender of control over how their personal data is used.
Sloane Burwell, senior compliance analyst at Hacker One, makes the distinction that, “If I put my business card in some glass bowl to win a month’s worth of Starbucks, I know that when I do that, my information is going to be shared 50 times. In Europe, they’re absolutely shocked and appalled.” Read More
January INSIGHTS
How to Help Developers Work Fast and Stay Secure in Cloud-Native Environments
The technological world in which we live and work continues to accelerate, in no small part due to growing global adoption of cloud environments to store, process and secure the data and applications that we now consume. That faster pace may foster innovation and improvements and help a solution get to market sooner, but it isn’t without negative consequences. For one, mistakes around workload misconfigurations remain a problem. Then there are shifting roles between cybersecurity professionals and developers, the latter of whom can now select cloud-native security tooling that may—or may not—satisfy an organization’s security operations team. Read More