Cloud security
The cloud offers improved efficiency, flexibility and scalability, but its benefits can be reversed if security isn't top of mind. Read cloud security best practices, including tips on data protection and IaaS, PaaS and SaaS security, as well as cloud-specific tools and services such as CASBs, CWPPs and CSPM.
Top Stories
-
News
19 Dec 2024
BeyondTrust SaaS instances breached in cyberattack
BeyondTrust, a privileged access management vendor, patched two vulnerabilities this week after attackers compromised SaaS instances for a 'limited number' of customers. Continue Reading
By- Arielle Waldman, News Writer
-
Tip
17 Dec 2024
The 10 best cloud security certifications for IT pros in 2025
Certifications can help security pros prove their baseline knowledge of infosec topics. Consider adding these top cloud security certifications to your arsenal. Continue Reading
By- Sharon Shea, Executive Editor
-
Feature
11 Apr 2023
Practice Microsoft SC-100 exam questions with answers
Use these practice multiple-choice questions, with answers, to assess your knowledge of the Microsoft Cybersecurity Architect exam. Continue Reading
By- Kyle Johnson, Technology Editor
- Packt Publishing
-
Feature
11 Apr 2023
How to use Azure AD Connect synchronization for hybrid IAM
Organizations face many challenges authenticating and authorizing users in hybrid infrastructures. One way to handle hybrid IAM is with Microsoft Azure AD Connect for synchronization. Continue Reading
By- Kyle Johnson, Technology Editor
- Packt Publishing
-
News
30 Mar 2023
Azure Pipelines vulnerability spotlights supply chain threats
Legit Security researchers discovered a remote code execution flaw within Microsoft's Azure DevOps platform that could give threat actors complete control of development pipelines. Continue Reading
By- Beth Pariseau, Senior News Writer
- Rob Wright, Senior News Director
-
Tip
28 Mar 2023
How to mitigate low-code/no-code security challenges
Don't adopt low-code/no-code application development approaches without considering these best practices to mitigate and prevent their inherent security risks. Continue Reading
By- Dave Shackleford, Voodoo Security
-
Tip
20 Mar 2023
4 cloud API security best practices
APIs make up the majority of web traffic now, but they aren't always kept as secure as needed. Consider implementing these four cloud API security best practices. Continue Reading
By- Dave Shackleford, Voodoo Security
-
News
15 Mar 2023
Dell launches new security offerings for data protection, MDR
Dell's new and expansive services focus on top security challenges enterprises face, such as data protection, ransomware recovery and supply chain threats. Continue Reading
By- Arielle Waldman, News Writer
-
Tip
16 Feb 2023
Web 3.0 security risks: What you need to know
Elements of the third version of the web are coming to fruition. But Web 3.0 also comes with new cybersecurity, financial and privacy threats besides the familiar risks of Web 2.0. Continue Reading
By- Jessica Groopman, Kaleido Insights
-
Opinion
14 Feb 2023
Top takeaways from first CloudNativeSecurityCon
TechTarget's Enterprise Strategy Group offers the main takeaways from the first vendor-neutral, practitioner-driven conference for security. Continue Reading
By- Melinda Marks, Practice Director
-
Enterprise Strategy Group
We provide market insights, research and advisory, and technical validations for tech buyers.
-
News
09 Feb 2023
Hypervisor patching struggles exacerbate ESXiArgs attacks
Ransomware hit a high number of unpatched VMware ESXi servers by exploiting two- and three-year-old flaws, which has put hypervisor patching difficulties in the spotlight. Continue Reading
By- Arielle Waldman, News Writer
-
Definition
08 Feb 2023
Boomi AtomSphere Platform (Dell Boomi AtomSphere)
Dell Boomi is a Software as a Service (SaaS) integration vendor that provides its AtomSphere technology to a host of industry giants, including Salesforce.com, NetSuite, SuccessFactors and SAP. Continue Reading
By- Rahul Awati
- Delaney Rebernik, TechTarget
-
News
06 Feb 2023
Widespread ransomware campaign targets VMware ESXi servers
The attacks exploited a two-year-old heap overflow vulnerability in VMware ESXi. Many questions remain about the scope of the campaign and the threat actor behind it. Continue Reading
By- Arielle Waldman, News Writer
-
Opinion
24 Jan 2023
5 ways to enable secure software development in 2023
Security teams have to help developers ensure security software development, but in today's rapidly scaling cloud environments, it's a challenging task. Continue Reading
By- Melinda Marks, Practice Director
-
Enterprise Strategy Group
We provide market insights, research and advisory, and technical validations for tech buyers.
-
News
17 Jan 2023
Microsoft fixes SSRF vulnerabilities found in Azure services
Orca Security, which discovered the Azure flaws, warned enterprises to be aware of SSRF attacks, which can result in a threat actor accessing or modifying sensitive data. Continue Reading
By- Arielle Waldman, News Writer
-
News
21 Dec 2022
Play ransomware actors bypass ProxyNotShell mitigations
CrowdStrike is urging organizations to apply the latest Microsoft Exchange updates after investigations revealed attackers developed a bypass for ProxyNotShell mitigations. Continue Reading
By- Arielle Waldman, News Writer
-
Podcast
08 Dec 2022
Risk & Repeat: Breaking down Rackspace ransomware attack
This Risk & Repeat podcast episode discusses the recent ransomware attack against cloud provider Rackspace, as well as the major service outage affecting its customers. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
06 Dec 2022
Cisco teases new capabilities with SD-WAN update
Cisco SD-WAN 17.10 enhancements give enterprises the option of using security service edge providers Cloudflare and Netskope in secure access service edge deployments. Continue Reading
By- Mary Reines, News Writer
-
Tip
06 Dec 2022
How to implement least privilege access in the cloud
More organizations are moving their resources to the cloud but are not paying attention to how cloud access privileges are allocated. Learn how to limit access in the cloud. Continue Reading
By- Dave Shackleford, Voodoo Security
-
News
06 Dec 2022
Rackspace confirms ransomware attack after Exchange outages
The cloud service provider said that because the investigation of the ransomware attack is in the early stages, it is unknown what, if any, customer data was stolen. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
05 Dec 2022
Rackspace 'security incident' causes Exchange Server outages
Rackspace has not said what caused the security incident, but the cloud provider said it proactively disconnected its Hosted Exchange offering as it investigates the matter. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Opinion
10 Nov 2022
Secure development focus at KubeCon + CloudNativeCon 2022
The pressure is on. It's time for better security that can keep up with modern software developers. That was the message at this year's KubeCon + CloudNativeCon. Continue Reading
By- Melinda Marks, Practice Director
-
Enterprise Strategy Group
We provide market insights, research and advisory, and technical validations for tech buyers.
-
Tip
02 Nov 2022
Kusto Query Language primer for IT administrators
Administrators who use Microsoft cloud services, such as Microsoft Sentinel and Microsoft 365, can learn how to pull information from those products with KQL queries. Continue Reading
By- Liam Cleary, SharePlicity
-
Tip
27 Oct 2022
Types of cloud malware and how to defend against them
Cloud malware isn't going away anytime soon, but organizations have a growing number of tools at their disposal to combat the threat. Continue Reading
By- Dave Shackleford, Voodoo Security
-
News
20 Oct 2022
Microsoft confirms data leak caused by misconfiguration
Microsoft criticized SOCRadar's reporting of the data leak, saying the threat intelligence vendor "greatly exaggerated" its claim that 65,000-plus entities had data exposed. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Guest Post
19 Oct 2022
3 cloud security posture questions CISOs should answer
As cloud adoption continues to accelerate, CISOs must help IT and cybersecurity teams keep pace with evolving cloud markets, especially when it comes to cloud security posture. Continue Reading
By- Kristopher Carr
-
News
19 Oct 2022
Azure vulnerability opens door to remote takeover attacks
Orca Security researchers uncovered a flaw in Azure Service Fabric that was fixed in last week's Patch Tuesday. It allows elevation of privilege and remote takeover of nodes. Continue Reading
-
Tip
30 Sep 2022
How to decide on what Office 365 add-on licenses to use
Missing certain functionality and want to supplement your subscription to Office 365 or Microsoft 365? Find out what extras make sense for your organization. Continue Reading
By- Liam Cleary, SharePlicity
-
Definition
29 Sep 2022
software-defined perimeter (SDP)
A software-defined perimeter, or SDP, is a security technique that controls access to resources based on identity and forms a virtual boundary around networked resources. Continue Reading
By- Sharon Shea, Executive Editor
-
Opinion
21 Sep 2022
Planning the journey from SD-WAN to SASE
Enterprises need integrated security and networking frameworks to manage distributed IT environments and are looking to SD-WAN and security options like SASE to get the job done. Continue Reading
By- Bob Laliberte, Former Principal Analyst
-
Enterprise Strategy Group
We provide market insights, research and advisory, and technical validations for tech buyers.
-
Opinion
14 Sep 2022
5 ways to improve your cloud security posture
With more applications deployed to multiple clouds, organizations must shore up their security posture, and cloud security posture management is designed to help. Find out why. Continue Reading
By- Melinda Marks, Practice Director
-
News
13 Sep 2022
Secureworks reveals Azure Active Directory flaws
Secureworks published details of what it claims are significant security flaws in Azure's authentication system, but Microsoft has dismissed them as non-issues. Continue Reading
-
Opinion
12 Sep 2022
How data security posture management complements CSPM
Data security posture management can provide comprehensive defense-in-depth security for cloud data. Find out more about how DSPM policies move with the data. Continue Reading
By- Jack Poller
-
Enterprise Strategy Group
We provide market insights, research and advisory, and technical validations for tech buyers.
-
Tip
01 Sep 2022
Cybersecurity budget breakdown and best practices
Once budget is secured, CISOs must figure out where it should be allocated -- as well as how to justify the costs. Get the lowdown on a cybersecurity budget breakdown here. Continue Reading
By- Ashwin Krishnan, StandOutin90Sec
-
News
30 Aug 2022
VMware aims to improve security visibility with new services
Unveiled at VMware Explore, the company's new security services include Project Trinidad, Project Watch and Project Northstar. All three offer customer visibility enhancements. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
25 Aug 2022
Mitiga: Attackers evade Microsoft MFA to lurk inside M365
During an incident response investigation, Mitiga discovered attackers were able to create a second authenticator with no multifactor authentication requirements. Continue Reading
By- Arielle Waldman, News Writer
-
Tip
24 Aug 2022
5 key questions to evaluate cloud detection and response
Consider these five questions before deciding to invest in a specialized cloud detection and response product. Continue Reading
By- Ed Moyle, Drake Software
-
Definition
24 Aug 2022
homomorphic encryption
Homomorphic encryption is the conversion of data into ciphertext that can be analyzed and worked with as if it were still in its original form. Continue Reading
By- Alexander S. Gillis, Technical Writer and Editor
-
News
17 Aug 2022
CISA: Threat actors exploiting multiple Zimbra flaws
Cybersecurity vendor Volexity found earlier this month that one flaw, CVE-2022-27925, had compromised more than 1,000 Zimbra Collaboration Suite instances. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Feature
11 Aug 2022
What is data security? The ultimate guide
Dig into the essentials of data security, from must-have tools, technologies and processes to best practices for keeping data safe. Continue Reading
By- Sharon Shea, Executive Editor
- Alissa Irei, Senior Site Editor
-
News
10 Aug 2022
Ermetic addresses IAM weaknesses in multi-cloud environments
Researchers at the cloud security vendor discussed the importance of understanding the different identity and access management features among the major cloud providers. Continue Reading
By- Arielle Waldman, News Writer
-
News
04 Aug 2022
Amazon CSO Steve Schmidt talks prescriptive security for AWS
In part two of this Q&A, Amazon CSO Steve Schmidt discusses why AWS has taken a more prescriptive approach to customer security and how it influences areas like incident response. Continue Reading
By- Arielle Waldman, News Writer
- Rob Wright, Senior News Director
-
News
03 Aug 2022
Amazon CSO Steve Schmidt preaches fungible resources, MFA
In a Q&A with SearchSecurity, Amazon CSO Steve Schmidt discusses his time as head of AWS security and shifts the cloud provider made to improve its posture, as well as customers'. Continue Reading
By- Rob Wright, Senior News Director
- Arielle Waldman, News Writer
-
News
02 Aug 2022
New Microsoft tools aim to protect expanding attack surface
New security concerns have arisen around initial attack vectors and visibility into a broader attack surface as companies have moved to the cloud, according to Microsoft. Continue Reading
By- Arielle Waldman, News Writer
-
News
28 Jul 2022
AWS adds Kubernetes security tie-ins amid SecOps tool sprawl
Amazon Detective pulls Kubernetes security data into a broader threat detection and CSPM context as IT pros at large orgs seek integrated multi-cloud security workflows. Continue Reading
By- Beth Pariseau, Senior News Writer
-
News
28 Jul 2022
AWS adds anti-malware and PII visibility to storage
New tools unveiled by AWS at re:Inforce 2022 add new anti-malware capabilities to AWS block storage and a way to find personally identifiable information with S3 object storage. Continue Reading
By- Tim McCarthy, News Writer
-
News
26 Jul 2022
AWS issues MFA call to action at re:Inforce 2022
To reduce growing attack surfaces in the cloud, AWS executives emphasized the importance of implementing MFA to protect accounts and blocking public access to cloud resources. Continue Reading
By- Arielle Waldman, News Writer
-
News
26 Jul 2022
CrowdStrike launches cloud threat hunting service
Launched at AWS re:Inforce 2022, CrowdStrike's Falcon OverWatch Cloud Threat Hunting is a standalone threat hunting service built to stop advanced threats from within the cloud. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Definition
20 Jul 2022
data compliance
Data compliance is a process that identifies the applicable governance for data protection, security, storage and other activities and establishes policies, procedures and protocols ensuring data is fully protected from unauthorized access and use, malware and other cybersecurity threats. Continue Reading
By -
News
19 Jul 2022
Calamu Protect defends data through sharding, encryption
Calamu Protect 1.2 expands data protection capabilities for its data harbor through multi-tenancy features and support for protecting Microsoft 365 data. Continue Reading
By- Tim McCarthy, News Writer
-
Tip
18 Jul 2022
Key factors to achieve data security in cloud computing
Enterprises face a variety of data security concerns when deploying assets to the cloud. But there are some guidelines you can follow to make sure your assets are protected. Continue Reading
By- Dave Shackleford, Voodoo Security
-
Tip
14 Jul 2022
3 steps for getting started with security service edge
Before getting started with security service edge (SSE), formulate a migration strategy. Check out these three expert tips for tackling SSE with maximum efficiency and ease. Continue Reading
By- Karen Scarfone, Scarfone Cybersecurity
-
Tip
14 Jul 2022
SecOps vs. CloudSecOps: What does a CloudSecOps team do?
Now, more than ever, organizations need to build controls, monitor and enact security response activities for the cloud. This is where the CloudSecOps team comes into play. Continue Reading
By- Dave Shackleford, Voodoo Security
-
Tip
28 Jun 2022
Do you meet all the modern authentication requirements?
Microsoft's push to a more secure method for user authentication and authorization could catch some enterprises flat-footed if IT hasn't done its homework. Continue Reading
By- Reda Chouffani, Biz Technology Solutions
-
News
28 Jun 2022
Wiz launches open database to track cloud vulnerabilities
Wiz researchers Alon Schindel and Amitai Cohen and Scott Piper, cloud security engineer at Block, launched a database to list all known cloud vulnerabilities and security issues. Continue Reading
By- Arielle Waldman, News Writer
-
Tutorial
27 Jun 2022
How to set up Exchange Online modern authentication
Microsoft plans to tighten up security on its hosted email platform to prevent attackers from gaining access to user credentials. Is your organization ready? Continue Reading
By- Reda Chouffani, Biz Technology Solutions
- Nathan O'Bryan, Planet Technologies
-
News
24 Jun 2022
Researchers criticize Oracle's vulnerability disclosure process
While the critical flaws were reported in April, it took the vendor nearly half a year to issue patches, exceeding the standard responsible coordinated disclosure policy. Continue Reading
By- Arielle Waldman, News Writer
-
News
20 Jun 2022
Paige Thompson found guilty in 2019 Capital One data breach
The former Amazon engineer who hacked AWS and gained access to sensitive data belonging to Capital One customers has been convicted. Continue Reading
By- Arielle Waldman, News Writer
-
Opinion
16 Jun 2022
Top cloud security takeaways from RSA 2022
Key cloud security takeaways from RSA 2022 include the need to shore up cloud application security, consolidate tools and mitigate cybersecurity skills shortages, according to ESG. Continue Reading
By- Melinda Marks, Practice Director
-
News
15 Jun 2022
Microsoft takes months to fix critical Azure Synapse bug
Orca Security discovered that inadequate tenant separation in Microsoft's Azure Synapse service could allow a threat actor to steal credentials from thousands of customers. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tip
15 Jun 2022
How to evaluate security service edge products
As organizations become more cloud-centric and adapt to remote work, a new technique known as security service edge is gaining traction. Continue Reading
By- Ed Moyle, Drake Software
-
Tip
14 Jun 2022
3 steps for CDOs to ensure data sovereignty in the cloud
Data sovereignty regulations, combined with a tsunami of data growth and increased cloud usage, have created a perfect storm that chief data officers must manage. Continue Reading
By- Ashwin Krishnan, StandOutin90Sec
-
News
13 Jun 2022
Tenable slams Microsoft over Azure vulnerabilities
Tenable expressed its frustration after working with Microsoft on the disclosure of two cloud flaws that researchers ranked as critical, which the company later silently patched. Continue Reading
By- Arielle Waldman, News Writer
-
News
13 Jun 2022
Skyhigh Security CEO, VP talk life after McAfee
Gee Rittenhouse discusses the process of building Skyhigh Security, a new company created by Symphony Technology Group as a rebirth of McAfee's enterprise cloud security portfolio. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
02 Jun 2022
VMware launches 'threat intelligence cloud' Contexa
The Contexa threat intelligence service is integrated into all VMware security products and will be available to all new and existing customers at no additional cost. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
01 Jun 2022
Hackers ransom 1,200 exposed Elasticsearch databases
An extensive extortion operation didn't need exploits or vulnerabilities to take over more than 1,200 Elasticsearch databases and demand bitcoin payments, according to Secureworks. Continue Reading
-
Tip
31 May 2022
How to get started with multi-cloud threat hunting
More clouds mean a bigger attack surface. It also complicates how companies can accurately hunt for potential threats. But there are steps to take that can reduce the risk. Continue Reading
By- Ed Moyle, Drake Software
-
News
26 May 2022
'Pantsdown' BMC vulnerability still present in Quanta servers
Eclypsium found that a critical security flaw first disclosed in 2019 remains exposed in many internet-facing servers, leaving networks at risk for remote code execution attacks. Continue Reading
-
News
25 May 2022
Verizon DBIR: Stolen credentials led to nearly 50% of attacks
The Verizon 2022 Data Breach Investigations Report revealed enterprises' ongoing struggle with securing credentials and avoiding common mistakes such as misconfigurations. Continue Reading
By- Arielle Waldman, News Writer
-
News
18 May 2022
CISA calls out security misconfigurations, common mistakes
Poor security practices and misconfigured controls are allowing threat actors to compromise enterprise networks. Continue Reading
By- Arielle Waldman, News Writer
-
Tip
12 May 2022
3 ways to apply security by design in the cloud
Applying security-by-design principles to the cloud may not seem straightforward, but there are several ways to do so. These three areas are a good place to start. Continue Reading
By- Dave Shackleford, Voodoo Security
-
Tip
10 May 2022
Microsoft modern authentication deadline looms over Exchange
Support for basic authentication will end this year, giving administrators who haven't switched to a newer authentication method little time to prepare for a smooth transition. Continue Reading
By- Reda Chouffani, Biz Technology Solutions
-
News
05 May 2022
Hackers exploit vulnerable Adminer for AWS database thefts
Mandiant researchers spotted a threat group using an exploit for older versions of Adminer to get their hands on metadata that included secret keys for AWS accounts. Continue Reading
-
News
05 May 2022
Google cloud misconfiguration poses risk to customers
Cloud security vendor Mitiga discovered 'dangerous functionality' in the Google Cloud Platform that could allow attackers to compromise virtual machines. Continue Reading
By- Arielle Waldman, News Writer
-
Tip
29 Apr 2022
Is cloud critical infrastructure? Prep now for provider outages
The cloud has quickly become critical infrastructure to many organizations. Learn about the top cloud provider outages, and discover tips on preventing disruption during downtime. Continue Reading
By- Dave Shackleford, Voodoo Security
-
News
28 Apr 2022
Lapsus$ targeting SharePoint, VPNs and virtual machines
From social engineering attacks to admin tools, a recent NCC Group report examined the tactics used by Lapsus$ to breach companies like Microsoft, Nvidia and Samsung. Continue Reading
By- Peyton Doyle, News Editorial Assistant
-
News
25 Apr 2022
LemonDuck botnet evades detection in cryptomining attacks
While the botnet is not new, it appears operators are honing their skills and evading Alibaba Cloud's monitoring service to take advantage of rising cryptocurrency prices. Continue Reading
By- Arielle Waldman, News Writer
-
News
20 Apr 2022
AWS Log4Shell hot patch vulnerable to privilege escalation
Amazon's initial Log4Shell fix had 'severe security issues,' a Palo Alto Networks security researcher said. Amazon released new patches to fix those issues Tuesday. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Feature
14 Apr 2022
Study attests: Cloud apps, remote users add to data loss
A study from ESG found many customers attribute data loss and compliance troubles to the race to put apps in the cloud and accommodate remote workers amid the pandemic. Continue Reading
By- Margie Semilof, TechTarget
-
Tip
14 Apr 2022
The benefits and challenges of managed PKIs
Managing a public key infrastructure is a difficult task. Discover the benefits and challenges of PKI as a service to determine if managed PKI would benefit your organization. Continue Reading
By- Karen Scarfone, Scarfone Cybersecurity
-
Tip
07 Apr 2022
Should companies ask for a SaaS software bill of materials?
Though it isn't commonplace to ask for a SaaS software bill of materials, one can be beneficial for both SaaS providers and their customers. Learn why. Continue Reading
By- Ed Moyle, Drake Software
-
News
05 Apr 2022
Conti ransomware deployed in IcedID banking Trojan attack
The Conti ransomware gang gained recent notoriety for publicly backing Russia in its invasion of Ukraine. An anonymous researcher then leaked massive amounts of internal Conti data. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
01 Apr 2022
CrowdStrike finds 'logging inaccuracies' in Microsoft 365
CrowdStrike says Microsoft's cloud offering may not be accurately taking logs of user sign-ins, and that could pose a threat to protecting networks and investigating attacks. Continue Reading
-
News
23 Mar 2022
Lawsuit claims Kronos breach exposed data for 'millions'
A class-action lawsuit was filed against Ultimate Kronos Group for alleged negligence regarding a ransomware attack and private cloud breach in December. Continue Reading
By- Peyton Doyle, News Editorial Assistant
-
News
22 Mar 2022
STG launches Skyhigh Security from McAfee cloud assets
The new company combines the McAfee Enterprise Security Service Edge portfolio with a name reminiscent of a previous McAfee acquisition: Skyhigh Networks. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tip
21 Mar 2022
2 zero-trust cloud security models emerge as demands shift
Security teams are beefing up enterprise defenses as cloud services become more essential. Zero trust -- tailored to assets, as well as users -- is an integral part of the equation. Continue Reading
By- Dave Shackleford, Voodoo Security
-
News
15 Mar 2022
Container vulnerability opens door for supply chain attacks
A CRI-O container engine vulnerability could allow attackers to bypass security controls and take over a host system, according to CrowdStrike researchers. Continue Reading
-
News
08 Mar 2022
Google to acquire Mandiant for $5.4B
Google's acquisition announcement came less than a year after Mandiant and FireEye split. FireEye was sold to Symphony Technology Group last fall for $1.2 billion. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tip
23 Feb 2022
Crosswalk cloud compliance to ensure consistency
Combining a risk management framework with security policies can be tricky, but crosswalking -- especially in the cloud -- can help address inconsistencies and maintain compliance. Continue Reading
By- Diana Kelley, SecurityCurve
-
News
17 Feb 2022
Snyk enters cloud security market with Fugue acquisition
Analysts say the acquisition of Fugue will give Snyk an opportunity to build a presence in the cloud security market and strengthen its infrastructure-as-code capabilities. Continue Reading
By- Arielle Waldman, News Writer
-
News
01 Feb 2022
Cato Networks adds CASB to growing SASE portfolio
Cato Networks has added CASB app visibility and enforcement capabilities to its growing SASE portfolio, and plans to add data loss prevention in the coming months. Continue Reading
By- Madelaine Millar, TechTarget
-
Opinion
31 Jan 2022
IaC security options help reduce software development risk
The use of infrastructure as code is increasing among developers, but security teams can take advantage of a growing number of tools to make sure IaC doesn't increase risk. Continue Reading
By- Melinda Marks, Practice Director
-
Enterprise Strategy Group
We provide market insights, research and advisory, and technical validations for tech buyers.
-
Feature
31 Jan 2022
Include defensive security in your cybersecurity strategy
Is your company's cybersecurity strategy comprehensive enough to protect against an expanding threat landscape? Learn how developing defensive security strategies can help. Continue Reading
By- Kyle Johnson, Technology Editor
-
Tip
21 Jan 2022
Top cloud security standards and frameworks to consider
Cloud security standards and frameworks are key to securing systems and maintaining privacy. Read up on available options and advice for selecting the best for your organization. Continue Reading
By -
Tip
20 Jan 2022
Introduction to automated penetration testing
Automated penetration testing, which speeds up the process for companies and vendors, is maturing. Is it ready to close the time gap between vulnerability discovery and mitigation? Continue Reading
By- Andrew Froehlich, West Gate Networks
- Definition 19 Jan 2022
-
Tip
18 Jan 2022
Cloud-native security architecture principles and controls
Building a sound cloud security framework is challenging, and it's even more so when implementing a cloud-native architecture. Here are steps you can take to make the job easier. Continue Reading
By- Dave Shackleford, Voodoo Security
-
News
12 Jan 2022
New RAT campaign abusing AWS, Azure cloud services
Cisco Talos discovered threat actors taking advantage of public cloud services to spread remote administration tools such as NanoCore, NetWire and AsyncRAT. Continue Reading
-
Feature
29 Dec 2021
Editor's picks: Top cybersecurity articles of 2021
As we call it a wrap on 2021, SearchSecurity looks at the top articles from the last 12 months and their sweeping trends, including ransomware, career planning and more. Continue Reading
By- Isabella Harford, TechTarget
-
Tip
14 Dec 2021
4 API authentication methods to better protect data in transit
The API attack surface isn't always well protected. Learn about the authentication methods your company can use to secure its APIs. Continue Reading
By- Andrew Froehlich, West Gate Networks
-
Opinion
09 Dec 2021
Cloud application developers need built-in security
Enterprises plan to increase cloud application security spending in 2022. Find out how security vendors and cloud application developers can meet their needs. Continue Reading
By- Melinda Marks, Practice Director
-
Enterprise Strategy Group
We provide market insights, research and advisory, and technical validations for tech buyers.
-
News
07 Dec 2021
USB-over-Ethernet bugs put cloud services at risk
SentinelOne says vulnerabilities in the Eltima SDK, which connects USB devices on virtual workstations, can put enterprises at risk of privilege escalation attacks. Continue Reading