How to Think about Threat Detection in the Cloud

Anton Chuvakin | May 19, 2022 | Cloud Security, cloud-threat-detection, threat detection

This is written jointly with Tim Peacock and will eventually appear on the GCP blog. For now, treat this as “posted for feedback” :-) Ideally, read this post first.In this post, we will share ...

Stories by Anton Chuvakin on Medium

Security BSides Sofia 2022 – Daniel Rankov’s ‘Common Security Pitfalls In AWS Public Cloud For Highly Regulated Industries’

Marc Handelman | May 18, 2022 | Cloud Security, cybersecurity education, education, NATO Member State, Republic of Bulgaria, security, Security BSides Sofia, Security Conferences, Security Education, United States Allies

Our thanks to Security BSides Sofia for publishing their Presenter’s Security BSides Sofia 2022 superb security videos on the organization’s’ YouTube channel. Permalink ...

Infosecurity.US

Three new API exploits causes GitLab data privacy and availability issues

Ivanwallarm | May 16, 2022 | API security, Cloud Security, cve-2022-1352, DEVOPS, GitLab, idor, Network Security, Web Application Security

On May 10, 2022, and May 11, 2022, CVE-2022-1352 CVE-2021-1431, and CVE-2022-1545 were fixed and published on Gitlab-ORG public repository. There are no technical details or exploits yet, but according to the ...

Wallarm

Two critical security flaws found in Nginx-Ingress controller

Ivanwallarm | May 12, 2022 | API security, Cloud Security, DEVOPS, Different attack types, Researcher Corner

Ingress controllers allow users to configure an HTTP load balancer for applications running on Kubernetes. It’s needed to serve those applications to clients outside of the Kubernetes Cluster. It’s also configured with ...

Wallarm

How many of your GCP buckets are publicly accessible? It might be more than you think…

Noga Yam Amitai | May 12, 2022 | Cloud Security, FEATURED

Google Cloud Storage is Google’s storage service for storing and retrieving data with high reliability, performance, and availability. Storage services tend to be a weak point in terms of security for many ...

Lightspin Blog

Cisco Makes Cloud Controls Framework Public

Nathan Eddy | May 12, 2022 | cisco, cloud controls, Cloud Security, cybersecurity framework

Cisco announced it is making its Cloud Controls Framework (CCF), a comprehensive set of international and national security compliance and certification requirements, available to the public. The standards have been aggregated into ...

Security Boulevard

Making an Informed Cloud Security Decision

Christian Wiens | May 11, 2022 | Blog, Cloud Security

Many organizations rely on neural networks driven by machine learning that relies on the accuracy of manually constructed training data. Training data errors lead to overlooked anomalous behavior and, often, mountains of ...

MixMode

Podcast: Cloud Workload Protection Platforms

Jacqueline von Ogden | May 10, 2022 | Cloud Security, Podcast

Data Security Podcast In a recent podcast interview with Hillarie McClure, Multimedia Director of Cybercrime Magazine, Robert E. Johnson III, Cimcor CEO/President, discusses the latest views on cloud workload protection platforms. The ...

Cimcor Blog

AWS is Under Threat from Unused Privileges

Gabriel Avner | May 9, 2022 | Cloud Security, IaaS, IaaS Security, Identity-security first, privileged access, Uncategorized

Amazon Web Services (AWS) provides the backbone infrastructure for many organizations, making it a vital resource that needs to be protected. Sprawling across a wide range of apps and services, AWS is ...

Authomize

The main security challenges when adopting cloud services

Tripwire Guest Authors | May 8, 2022 | Cloud, Cloud Security, cloud services

The popularity of cloud services has increased exponentially in recent years. The prospects of saving on capital and operational expenditures have been significant driving forces in influencing companies to adopt cloud services ...

The State of Security