Cloud Security

How to Think about Threat Detection in the Cloud
This is written jointly with Tim Peacock and will eventually appear on the GCP blog. For now, treat this as “posted for feedback” :-) Ideally, read this post first.In this post, we will share ...

Security BSides Sofia 2022 – Daniel Rankov’s ‘Common Security Pitfalls In AWS Public Cloud For Highly Regulated Industries’
Our thanks to Security BSides Sofia for publishing their Presenter’s Security BSides Sofia 2022 superb security videos on the organization’s’ YouTube channel. Permalink ...
Three new API exploits causes GitLab data privacy and availability issues
On May 10, 2022, and May 11, 2022, CVE-2022-1352 CVE-2021-1431, and CVE-2022-1545 were fixed and published on Gitlab-ORG public repository. There are no technical details or exploits yet, but according to the ...
Two critical security flaws found in Nginx-Ingress controller
Ingress controllers allow users to configure an HTTP load balancer for applications running on Kubernetes. It’s needed to serve those applications to clients outside of the Kubernetes Cluster. It’s also configured with ...

How many of your GCP buckets are publicly accessible? It might be more than you think…
Google Cloud Storage is Google’s storage service for storing and retrieving data with high reliability, performance, and availability. Storage services tend to be a weak point in terms of security for many ...

Cisco Makes Cloud Controls Framework Public
Cisco announced it is making its Cloud Controls Framework (CCF), a comprehensive set of international and national security compliance and certification requirements, available to the public. The standards have been aggregated into ...
Making an Informed Cloud Security Decision
Many organizations rely on neural networks driven by machine learning that relies on the accuracy of manually constructed training data. Training data errors lead to overlooked anomalous behavior and, often, mountains of ...
Podcast: Cloud Workload Protection Platforms
Data Security Podcast In a recent podcast interview with Hillarie McClure, Multimedia Director of Cybercrime Magazine, Robert E. Johnson III, Cimcor CEO/President, discusses the latest views on cloud workload protection platforms. The ...

AWS is Under Threat from Unused Privileges
Amazon Web Services (AWS) provides the backbone infrastructure for many organizations, making it a vital resource that needs to be protected. Sprawling across a wide range of apps and services, AWS is ...
The main security challenges when adopting cloud services
The popularity of cloud services has increased exponentially in recent years. The prospects of saving on capital and operational expenditures have been significant driving forces in influencing companies to adopt cloud services ...