Security News

Sticking to traditional security playbook is mistake for cloud security: Palo Alto Networks SVP
2023-05-16 21:25

TechRepublic spoke with Ankur Shah, SVP and general manager of Prisma Cloud, about what cloud security means and how IT pros and decision makers should think beyond the traditional cybersecurity playbook when it comes to cloud security. Ankur Shah: Before the cloud, security was like a house with one front door, a camera and a security guard: one level of security and you're good to go.

Google Cloud CISO on why the Google Cybersecurity Certificate matters
2023-05-16 08:24

As part of Google's commitment to building a strong cybersecurity workforce, the Google Cybersecurity Certificate offers an affordable and accessible pathway to a career in cybersecurity. Despite the urgent need to address this threat, there are currently more than 750,000 unfilled cybersecurity jobs in the U.S. We launched the new Cybersecurity Certificate to help employers fill critical roles, and to level the playing field for people of all backgrounds to enter the cybersecurity workforce.

ENISA leans into EU-based clouds with draft cybersecurity label
2023-05-11 12:44

Cloud services providers that aren't based in Europe - like the Big Three - may have to team up with a cloud that is operated and maintained from the EU if they want ENISA's stamp of approval for handling sensitive data. ENISA, the European Union's cybersecurity agency, is currently developing a cybersecurity certification scheme that aims to better protect member-state governments' and businesses' data.

Kubernetes Bill of Materials (KBOM) open-source tool enhances cloud security response to CVEs
2023-05-10 06:16

Kubernetes Security Operations Center released the first-ever Kubernetes Bill of Materials standard. While the Software Bill of Materials has moved forward to the point of being a formal part of the NIST requirements required by the USA federal government in federal purchases, this requirement falls short of the deployment stage in the application development lifecycle, where Kubernetes into play.

56,000+ cloud-based apps at risk of malware exfiltration
2023-05-10 03:30

Even more alarming are the revelations in this year's report about browser session cookies - unquestionably the most prized data exfiltrated by malware. SpyCloud recaptured 1.87 billion malware cookie records tied to Fortune 1000 employees.

Security in the cloud with more automation
2023-05-03 03:00

We're now making cloud security automation easier for you by releasing CIS hardening components in EC2 Image Builder on Amazon Web Services. Our CIS hardening components help give you more options for building a golden image, especially when you need to automate your image creation process.

Using just-in-time access to reduce cloud security risk
2023-05-01 04:30

Excessive privileges are a continuing headache for security professionals. Cloud environments rely on identity as the security perimeter, and identities are mushrooming and making "Identity sprawl" a serious challenge.

Google Authenticator now backs up your 2FA codes to the cloud
2023-04-25 14:39

The Google Authenticator app has received a critical update for Android and iOS that allows users to back up their two-factor authentication one-time passwords to their Google Accounts and have multi-device support. Google Authenticator is an immensely popular authentication app with over 100 million installs that lets users generate these one-time passwords for 2FA verification.

Google Cloud Introduces Security AI Workbench for Faster Threat Detection and Analysis
2023-04-25 10:39

Google's cloud division is following in the footsteps of Microsoft with the launch of Security AI Workbench that leverages generative AI models to gain better visibility into the threat landscape.Users, like with Microsoft's GPT-4-based Security Copilot, can "Conversationally search, analyze, and investigate security data" with an aim to reduce mean time-to-respond as well as quickly determine the full scope of events.

Google Authenticator App Gets Cloud Backup Feature for TOTP Codes
2023-04-25 04:33

"This change means users are better protected from lockout and that services can rely on users retaining access, increasing both convenience and security," Google's Christiaan Brand said. The update, which also brings a new icon to the two-factor authenticator app, finally brings it in line with Apple's iCloud Keychain and addresses a long-standing complaint that it's tied to the device on which it's installed, making it a hassle when switching between phones.