Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Following speculation that Microsoft services served as an initial entry point for the SolarWinds hackers, the tech giant has provided some clarifications. [Read More]
CISA says many of the victims of the SolarWinds hackers were targeted through other methods, not the SolarWinds supply chain attack. [Read More]
The cloud data protection provider will continue investment in global expansion. To date, it raised over $267.5 million. [Read More]
ZDI announces Pwn2Own 2021, with a prize pool of $1.5 million, including $600,000 for hacking a Tesla and $200,000 for Zoom and Microsoft Teams exploits. [Read More]
Google warned about a “government-backed entity based in North Korea” targeting security researchers with social engineering attacks and drive-by browser exploits from booby-trapped websites. [Read More]
A misconfiguration resulted in more than 1,000 stolen corporate credentials exposed in plain sight. [Read More]
The company plans to use the funds to accelerate go-to-market strategy and scale operations. [Read More]
Microsoft has released another report detailing the tactics, techniques and procedures of the SolarWinds hackers. [Read More]
FireEye has released an open source tool that checks Microsoft 365 tenants for the use of techniques associated with the SolarWinds hackers. [Read More]
The Canadian data security startup closes a Series A funding round to expand its data discovery and classification offerings. [Read More]

FEATURES, INSIGHTS // Cloud Security

rss icon

Gunter Ollmann's picture
Managed security services are undergoing a timely and significant transformation, armed with new hyperscalable technology stacks, hybrid enterprise and cross-cloud protection complexities.
Gunter Ollmann's picture
CISOs and their security teams need to quickly master these technologies if they’re to successfully partner with in-house development teams and secure “data-in-use.”
Gunter Ollmann's picture
It is reasonable to assume that within five years the term “confidential compute” will become superfluous and an assumed native component of all cloud services.
Justin Fier's picture
Businesses should be emphasizing visibility, early threat detection, and focusing on understanding ‘normal’ activity rather than ‘bad.’
Torsten George's picture
The tactics, techniques, and procedures (TTPs) used in the Twitter attack were not much different than in the majority of other data breaches and serve as valuable lessons for designing a modern cyber defense strategy.
Gunter Ollmann's picture
With a diverse and globally distributed workforce, cybersecurity buying decisions will increasingly factor accessibility, usability, and inclusiveness in solution design and operability.
Gunter Ollmann's picture
CISOs are increasingly cognizant of the value deep integration of threat intelligence can bring to cloud protection platforms and bottom-line operational budgets.
Torsten George's picture
Securing multi-cloud and hybrid environments creates an unfamiliar situation for many organizations, in which they’re unsure of who is responsible for controlling access to and securing the underlying infrastructure.
John Maddison's picture
A single, cross-platform security strategy ensures that your cloud security deployment doesn’t replicate the challenges of complexity, siloed solutions, and solution sprawl faced in traditional network security environments.
Gunter Ollmann's picture
The faster in-house network administrators can transition to becoming public cloud network security engineers, architects, or analysts, the faster their organizations can implement digital transformation.