What Is CI/CD Security & Why Does It Matter?
Wondering about CI/CD security? We explain why CI/CD security is essential, how it works, the tools you need, and best practices to overcome its challenges ... Read More
Recon.Cloud at Black Hat: Better, faster, and free cloud reconnaissance for all
Earlier this year, Lightspin announced the free cloud security reconnaissance tool, Recon.Cloud (aka Recon). In just 4-months since launching, thousands of users have discovered nearly 3 million assets, searching hundreds of domains. We’ve seen cloud researchers even create GitHub repos like a bash script for scanning Recon.Cloud for easy ingestion ... Read More
What is CSPM? Why Is It Important?
Curious about CSPM? We explain what cloud security posture management is, why it is needed, and how it works ... Read More
Cloud Security Best Practices
Cloud security is one of the most important aspects of cloud computing. Read on to understand cloud security best practices your company should follow ... Read More
Cloud Security Challenges & How to Overcome Them
Cloud computing is ubiquitous and growing quickly, making cloud security increasingly important. We discuss cloud security challenges and ways to overcome them ... Read More
What Is An Attack Path & How Does It Help Identify Risks?
In this blog, we discuss what an attack path is, how mapping an attack path works, and how it can help you get improved visibility into your cloud environments to better identify potential critical risks and vulnerabilities ... Read More
Cloud Security Explained: Why It Matters & How It Works
What Is Cloud Security? Cloud security involves the procedures, policies, controls, and technologies that protect data and infrastructure in cloud-based systems. These security measures enable data recovery, prevent data theft, ensure compliance, and reduce the impact of misconfigurations and human negligence ... Read More
In 2022, Lightspin is Further Expanding Our Coverage
To usher in the new year, Lightspin is expanding our multi-cloud coverage. Beyond our support of AWS, Azure, and Kubernetes, in 2022, we are proud to announce we support Google Cloud Platform (GCP) as well! This expansion into GCP means you can easily, quickly, and without any agents onboard your ... Read More
CVE-2021-44228: The Log4Shell Vulnerability
A critical, zero-day vulnerability known as “Log4Shell” was recently found in Apache Log4j, an open-source logging utility used by an enormous array of enterprise software, applications, and cloud services. It was first discovered in remote-code compromises against Minecraft servers (the popular Microsoft video game), but the impact of the vulnerability ... Read More