Shifting Cloud Security Left with Infrastructure as Code

Introduction and Executive Summary DevOps and the continuous integration/continuous deployment (CI/CD) pipeline are revolutionizing application development, test, and cloud delivery, enabling developers to write the application code and define the cloud infrastructure. But where is cloud security? Unfortunately, to date, … Read more The post Shifting Cloud Security Left with ... Read More
Cloud Security Democracy

Full Lifecycle Cloud Security, Part II

| | Blog
In the first part of this blog series, we described how both the prevention of risk during the continuous innovation/continuous deployment (CI/CD) process and the detection of risk at runtime paired with automated remediation are essential components of full lifecycle … Read more The post Full Lifecycle Cloud Security, Part ... Read More
Zoom Recordings Exposed

Zoom Recordings Exposed

| | Blog
Zoom Video Communications is a remote conferencing services company. Many organizations use their product for its video conferencing, online meetings, chat, and mobile collaboration to stay in contact with remote colleagues, customers, partners, etc. Zoom’s value and use has skyrocketed … Read more The post Zoom Recordings Exposed appeared first ... Read More
DivvyCloud at RSA 2020

Dark Reading Interview with DivvyCloud CEO

| | Blog
Dark Reading Contributing Editor Terry Sweeney recently interviewed DivvyCloud CEO and co-founder Brian Johnson. They discuss Brian’s cloud security philosophy and how we are solving challenges for our customers. Brian offers insight into how security teams continue to evolve within … Read more The post Dark Reading Interview with DivvyCloud ... Read More

In the Face of a Pandemic, Cyberattackers Seek to Take Advantage

| | Blog
Cyberattackers live for moments of crisis and confusion. Government agencies and companies already stretched thin are at their most vulnerable, and cyberattackers are all too willing to apply overwhelming pressure to maliciously disrupt operations or gain some financial benefit. As … Read more The post In the Face of a ... Read More
Cloud Security

Full Life Cycle Cloud Security

| | Blog
When security teams find cloud vulnerabilities and misconfigurations at runtime, they are often blamed for introducing friction into the continuous integration/continuous delivery (CI/CD) pipeline and stifling the enterprise’s ability to innovate as efficiently as possible. But it is not the … Read more The post Full Life Cycle Cloud Security ... Read More
Ransomware note

S3 Bucket Ransomware Attack: What Is It and How Can It Happen?

| | Blog
Permission settings for cloud object storage services like S3 buckets are frequently the cause of data breaches. But Rhino Security Labs, a penetration testing and security assessment firm, is drawing attention to another concern. By leveraging S3 buckets as a … Read more The post S3 Bucket Ransomware Attack: What ... Read More
Feature Release 20.1

Feature Release 20.1

| | Blog
With each DivvyCloud release, we have a chance to demonstrate our customer-first mentality and reaffirm our opposition to pushing prescriptive, one-size-fits all cloud security solutions to our customers. We strive continuously to align our customers’ needs and priorities to our … Read more The post Feature Release 20.1 appeared first ... Read More

Security Isn’t a Four-Letter Word: How Infrastructure as Code Amplifies DevOps through the Inclusion of Security

| | Blog
Our fast-paced lives are fueled by innovative, cloud-native companies. We are able to watch our favorite programs and movies from anywhere in the world on any device. We are able to collaborate with our colleagues on an upcoming presentation, regardless … Read more The post Security Isn’t a Four-Letter Word: ... Read More

It’s Data Privacy (and Protection) Day!

| | Blog
We live in a data driven world, so it’s important to be good stewards of our own data and the data of others. Each year on January 28, we have a dedicated opportunity to raise awareness about the importance of … Read more The post It’s Data Privacy (and Protection) ... Read More