Security News

A new report conducted by Dimensional Research revealed that 32% of enterprises experienced unauthorized access to cloud resources, and another 19% were unaware if unauthorized access occurred. "This research highlights the immense cloud governance gaps enterprises experience that ultimately leave sensitive data vulnerable to breaches. It is critical enterprises adopt a unified approach to properly govern cloud access and protect enterprise data to avoid costly breaches and preserve trust."

Anuta Networks announced the availability of ATOM Cloud, a Software-as-a-Service offering of its ATOM network automation platform. ATOM Cloud increases operational efficiency, improves network reliability and assurance, simplifies processes, and reduces the potential for errors.

Aruba, a Hewlett Packard Enterprise company in collaboration with Microsoft, announced two new solutions that enable organizations to accelerate their digital transformation from edge-to-cloud by delivering deeper integration between Aruba ESP and Microsoft Azure. Announced at Microsoft Ignite 2021, the first solution is Aruba IoT Transport for Azure, a service that enables IoT devices connected to Aruba access points and controllers to bi-directionally communicate with the Azure IoT Hub.

A vulnerability affecting Eclipse Jetty web servers can be exploited by an attacker to inflate a targeted organization's cloud services bill or cause disruption, according to security researchers at tech company Synopsys. Jetty is an open source Java web server and servlet container that has been used in a wide range of projects and products, including by major companies such as Facebook, Google and Yahoo.

The Risk Protection Program is designed to help customers reduce cloud security risk and in turn potentially reduce costs by connecting with two of the world's leading insurers for specialized and enhanced cyber insurance designed exclusively for Google Cloud customers. As the use of cloud services increases, expanding to sensitive workloads and new data types, customers more than ever need assurances that their use of cloud services is integrated tightly into their overall risk management program.

Bridgecrew announces they've shifted their security scanning and fixing technology even further left with a new Visual Studio Code extension. "While Bridgecrew's mission is to ensure infrastructure security at every stage of the development lifecycle from code and build, through deployment, and into runtime the earlier you catch issues, the less headaches you'll have later down the road," said Barak Schoster, CTO, Bridgecrew.

The majority of all malware is now delivered via cloud applications, underscoring how attackers increasingly abuse popular cloud services to evade legacy security defenses putting enterprise data increasingly at risk, a Netskope research reveals. "Cybercriminals increasingly abuse the most trusted and popular cloud apps, especially for cloud phishing and cloud malware delivery," said Ray Canzanese, Threat Research Director at Netskope.

To select a suitable cloud security solution for your business, you need to think about a variety of factors. Let's face it, managing security on-premises is hard enough, but add in multiple cloud vendors and platform options, increased threat vectors and attack surfaces - the need for cloud security cannot be overstated.

Assured Data Protection announced the launch of its eXtended Detection and Response service, providing businesses and MSPs with a fully automated and managed XDR solution powered by Confluera. The service delivers XDR across multiple data streams and complements existing cloud data backup and recovery systems to provide pervasive cloud data management.

The Terraform open-source infrastructure leverages the predefined policies and standards definitions built into the Cavirin security and compliance solution. Finally, Cavirin has introduced a new Cybersecurity Maturity Model assessment policy that enables defense suppliers to evaluate their cloud/compute systems for CMMC compliance.