Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Researchers have analyzed 20 of the most popular Docker container images and found that while they contain many vulnerabilities, less than half of these flaws pose an actual risk. [Read More]
A threat actor, likely a state-sponsored cyberespionage group, has used a sophisticated technique to allow its malware to communicate with C&C servers across firewalls. [Read More]
Cisco launches SecureX, a cloud-native security platform designed to improve visibility, deliver analytics, and automate common security workflows. [Read More]
VMware has patched serious vulnerabilities, including remote code execution and authentication bypass issues, in vRealize Operations for Horizon Adapter. [Read More]
A surge in malicious login attempts is likely to be a flood of credential lists in the criminal marketplace, the attractiveness of financial data, and a more general shift in criminal credential abuse towards targeting API logins. [Read More]
Microsoft this week announced the general availability of Microsoft Threat Protection, its integrated security solution aimed at offering protection across users, email, applications, and endpoints. [Read More]
Social media threat protection firm ZeroFOX has raised $74 million, which brings the total funding raised by the company to $154.2 million. [Read More]
More than 500 extensions were removed from the Chrome Web Store after they were found to be engaging in covert data exfiltration activities. [Read More]
Microsoft announced that Safe Documents and Application Guard, two security capabilities introduced last fall, are now available to more of its Office 365 ProPlus customers. [Read More]
Enterprise SOC-as-a-Service company Cysiv has raised $26 million in a Series A funding round. [Read More]

FEATURES, INSIGHTS // Cloud Security

rss icon

Gunter Ollmann's picture
CISOs are increasingly cognizant of the value deep integration of threat intelligence can bring to cloud protection platforms and bottom-line operational budgets.
Torsten George's picture
Securing multi-cloud and hybrid environments creates an unfamiliar situation for many organizations, in which they’re unsure of who is responsible for controlling access to and securing the underlying infrastructure.
John Maddison's picture
A single, cross-platform security strategy ensures that your cloud security deployment doesn’t replicate the challenges of complexity, siloed solutions, and solution sprawl faced in traditional network security environments.
Gunter Ollmann's picture
The faster in-house network administrators can transition to becoming public cloud network security engineers, architects, or analysts, the faster their organizations can implement digital transformation.
Justin Fier's picture
As executives, developers, security teams, and third-party vendors struggle to exert their influence on digital transformation, threat-actors are exploiting the chaos for their own gain.
Alastair Paterson's picture
If it takes a whole village to raise a child, it takes a whole community of vendors and business partners to build a secure data environment.
Laurence Pitt's picture
“The Cloud Wars” may be dominating IT news headlines, but what does this phrase actually mean? And is it something that an enterprise needs to be concerned with?
Gunter Ollmann's picture
To the surprise of many, public cloud appears to be driving a renaissance in adoption and advancement of managed security service providers (MSSP).
Ashley Arbuckle's picture
With a holistic approach you can enable efficient segmentation across your infrastructure, identify anomalies faster by using process behavior deviations, and reduce your attack surface quickly.
Gunter Ollmann's picture
75 years may separate War World II from cloud SIEM, but we’re on the cusp of being able to apply the hard-earned learnings from Abraham Wald in our latest adversarial conflict – the cyberwar.