Security News

Anjuna, a provider of cloud application security, today announced that it has raised $30 million in Series B funding, which brings the total raised by the company to date to $42 million. The funding round was led by Insight Partners and is expected to help the company bring its Confidential Cloud Software Platform to market and support technology development and innovation.

Splunk announced the new Splunk Security Cloud, a data-centric modern security operations platform that delivers advanced security analytics, automated security operations, and integrated threat intelligence with an open, unparalleled ecosystem. "As the volume and complexity of data grows and customers' digital environments get more complex, Splunk Security Cloud provides the best solutions to help customers solve their ever-evolving security challenges."

Securonix announced a new product for its cloud-native platform: Securonix Open XDR. The new product comes with Securonix Autonomous Threat Sweep and empowers customers with robust threat detection and response capabilities needed to respond swiftly to sophisticated threats across endpoints, networks and hybrid cloud environments. The fully integrated solution delivers out-of-the-box threat detection and response across endpoints, networks and the cloud for rapid time to value.

Cloud security is critically important for organizations across the globe as adoption of cloud infrastructure continues to grow at a rapid clip. The shift toward the cloud is unstoppable, and inevitably, it's driving soaring demand for skilled security professionals, according to GIAC. Demand for specific cloud security skills is far outpacing the broader demand for cybersecurity skills, according to Burning Glass.

The Asia Pacific Network Information Centre, the internet registry for the region, has admitted it left at least a portion of its Whois SQL database, which contains sensitive information, facing the public internet for three months. During that maintenance effort, a dump from APNIC's Whois SQL database was copied to a Google Cloud storage bucket that Sanjaya said "Was believed to be private".

Infrastructures change, attack surfaces reduce and multiply and, not surprisingly, your cloud environment advances. Often with lateral attacks, the attacker first gains access to key pairs and sets up a temporary credential using specific commands.

Sapio Research conducted a survey of more than 400 IT leaders at U.S.-based organizations with more than 1000 employees which offers a picture for enterprises transitioning to the cloud and multi-cloud so that they understand the challenges and are empowered to make informed decisions about cloud networking and security. The results show that while multi-cloud transit can dramatically improve network latency, the move to multi-cloud also introduces significant complexity and security challenges.

Vaccine passports challenged by data privacy and security implicationsWhile some think vaccine apps could be the key to lifting travel restrictions, challenges have arisen regarding data privacy and security implications. Apple fixes actively exploited vulnerabilities affecting older iDevicesApple has released a security update for older iDevices to fix three vulnerabilities, two of which are zero-days that are apparently actively exploited in attacks in the wild.

As cloud computing grows in popularity across all use cases, cloud workloads have never been more attractive to malicious actors. While defending on-premises setups is about detecting suspicious communications, cloud security is about closing open doors due to loose authorizations and misconfigurations.

OpsCompass announced the results of a report it conducted on cloud security posture and management challenges. "Operations teams are managing increasingly complex cloud infrastructure and are hyper-concerned about misconfigurations and configuration drift resulting in security gaps and potential breaches. Our goal with this report is to assess what teams are experiencing today, understand their concerns, and drive conversations to improve cloud security."