Security News

Cloud comms platform Twilio has confirmed its private GitHub repositories were cloned after it became the latest casualty of the compromised credential-stealing Codecov script. Twilio said: "We have Codecov tools, including the Bash Uploader component, in use in a small number of our projects and CI pipelines." The company added that these particular projects were "Not in the critical path to providing updates or functionality to our communication APIs" and that it has "Remediated the potential exposure by thoroughly reviewing and rotating any potentially exposed credentials."

Cloud security is more topical than ever when considering all the fun things that have happened in 2021 with security startups! Before talking about innovation and startups though, let's talk about a brief history of cloud security especially public cloud.

IBM Security introduced a new Software as a Service version of IBM Cloud Pak for Security, designed to simplify how organizations deploy a zero trust architecture across the enterprise. The new IBM Security zero trust blueprints offer a framework for building a security program designed by applying the core principles of zero trust: least privilege access; never trust, always verify; and assume breach.

Amazon Web Services announced the general availability of Amazon DevOps Guru, a fully managed operations service that uses machine learning to make it easier for developers to improve application availability by automatically detecting operational issues and recommending specific actions for remediation. When Amazon DevOps Guru analyzes system and application data to automatically detect anomalies, it also groups this data into operational insights that include anomalous metrics, visualizations of application behavior over time, and recommendations on actions for remediation-all easily viewable in the Amazon DevOps Guru console.

QOMPLX announced the extension of its Identity Assurance analytics solution to automatically detect identity-based attacks on cloud service providers. The company's new Cloud Identity Forgery detections for Q:CYBER detect lateral movement and post-exploitation attacks, including those used in the SolarWinds compromises, in which attackers illicitly accessed federated cloud services using forged Security Assertion Markup Language assertions.

The D3 Cloud is regionally deployed and offered through a strategic partnership between DATA3 Corporation and OrionVM. "We're thrilled to partner with OrionVM to bring this solution to market in time to meet the urgent need of applications enabling the remote workforce and the rapidly-changing business environment," said David Harrelson, COO and EVP of DATA3 Corporation. "We believe the D3 Cloud will be a game changer for a lot of businesses and IT service providers looking to gain a competitive edge and their own identity in deploying premium cloud solutions."

SEE: Research: Video conferencing tools and cloud-based solutions dominate digital workspaces; VPN and VDI less popular with SMBs. Ron Bennatan: We all know that the transformation, the move to cloud, the move of the workloads to the cloud, I mean, it's something that's been happening for the last five years and more. One of the hardest things is to deal with that complexity, and the cloud gives you so many options and so much freedom and so much flexibility that it's great to drive business, but it's not always clear whether all the security controls are catching up as quickly as they should be with that transformation and the workloads going in the cloud.

The problem is not the cloud, one expert said. It's the speed at which companies are moving items to the cloud without considering security controls.

Microsoft Research's Project Freta aims to find invisible malware running on the cloud. Attackers have invested in smarter malware that can get around traditional security tooling, hiding underneath the operating system in memory, masking tell-tale signatures, and even deleting itself as soon as it detects security systems in action.

A strong case can be made that shoring up defenses requires "Automating out" the weakest link - i.e., humans - from any cloud that companies are entrusting with their data. In "Automating out the weak link," the ability of superusers or IT administrators - or of bad actors who have gained access to valid admin credentials - to manually interfere with sensitive data becomes non-existent, because human interaction is eliminated.