Security News

is committed to helping you keep your Certified Cloud Security Professional certification goals on track this year. is bringing back special pricing on flexible CCSP exam prep so you can keep moving forward with full freedom and confidence.

NICE Actimize announced the launch of its newest platform, NICE Actimize Xceed, which integrates best-in-class AI, data intelligence, behavioral analytics, and insights within a unified cloud platform designed to bring agility to financial institutions of all sizes, including community and regional banks, that are looking to modernize their financial crime risk management solutions. With "Always On" AI-based technology, NICE Actimize Xceed's self-learning capabilities immediately and autonomously adapt to new threats, helping financial institutions meet today's dynamic risk management needs with laser accuracy, speed and simplicity, and without the need for a team of data scientists.

Arista's new CloudVision as-a-Service product is now available as a fully managed software service that automates multi-domain networks spanning across the client to cloud to help customers achieve faster time-to-value, elastic scaling, and continuous network assurance. "With CloudVision cognitive NetDB, we extended our unique state-sharing architecture from individual switches into the cloud, creating a unified network data platform. On top of this platform, we built CloudVision as a SaaS-based product, the next step towards network reliability with advanced network assurance services," said Ken Duda, Founder, Chief Technology Officer and Senior Vice President, Software Engineering at Arista.

The latest release includes considerable security improvements to their Cloud PAM application, bolstering one of the only solutions to converge Identity Governance, Application Governance-Risk Management-and Compliance, and Privileged Access Management into a unified Identity Platform built for the cloud. The latest release of Saviynt's Cloud PAM provides improved governance, analytics, and access to privileged assets across enterprise applications and platforms including Google Cloud Platform.

Uniquely available both on-premises and as SaaS, VMware vRealize provides customers with the agility and efficiency of cloud infrastructure at scale, leveraging artificial intelligence, machine learning, and DevOps principles such as Infrastructure as Code and GitOps to provision, orchestrate, optimize and govern hybrid and multi-cloud environments. VMware vRealize Log Insight 8.2 and vRealize Log Insight Cloud will also introduce enhanced Kubernetes support, deeper integration with VMware Cloud on AWS, and overall usability enhancements.

Styra announced that Styra Essentials now includes Long Term Support for Open Policy Agent, enabling companies in highly regulated industries to take advantage of cloud-native authorization policy. Highly regulated industries typically limit how often companies can update their software in order to reduce new risks.

A cryptomining worm from the group known as TeamTNT is spreading through the Amazon Web Services cloud and collecting credentials. Attacking AWS. The attack starts with targeting the way that AWS stores credentials in an unencrypted file at ~/.aws/credentials, and additional configuration details in a file at ~/.aws/config.

Accurics unveiled a major upgrade to Terrascan, the open source static code analyzer that enables developers to build secure infrastructure as code. The new Terrascan architecture leverages the Open Policy Agent engine from CNCF, which dramatically simplifies policy definition for developers that want to create custom policies as well as provides over 500 out-of-the-box policies for the CIS Benchmark.

Red Hat OpenShift 4.5, which includes the general availability of OpenShift Virtualization, is designed to help organizations break down application barriers between traditional and cloud-native infrastructure and extend control over distributed resources. Red Hat OpenShift now includes OpenShift Virtualization, a new platform feature that enables IT organizations to bring standard VM-based workloads to Kubernetes, helping eliminate the workflow and development silos that typically exist between traditional and cloud-native application stacks.

How does AppTrana handle evasions Real-world attacks often include multiple steps, including reconnaissance and a combination of attacks, so behavior profiling, anomaly scoring provide automated mitigation, and security experts, like the Indusface security research team, can quickly see if the attack is new or unique and take appropriate action. How to evaluate WAF Any security solution should be regularly evaluated in terms of blocking attacks, FPs, and performance.